Yahoo confirmed today that the information from at least 500 million user accounts was stolen by a “state-sponsored actor” in late 2014.
The stolen information may include names, email addresses, telephone numbers, dates of birth, hashed passwords, as well as encrypted and encrypted security questions and answers. The data does not include unprotected passwords, payment card data, or bank account information. The company also noted that it does not store payment card data and bank account information in the system that was hacked.
The company, which confirmed the hack after a “recent investigation,” said it is working with law enforcement, but did not clarify who a “state-sponsored actor” may be.
“Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry,” Yahoo said in a press release. The company also said customers should check their accounts for “suspicious activity” and change password and security questions for any accounts if they used similar passwords or information.
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.