In news that will be particularly hard to hear for those who have held on to Yahoo email addresses in this Gmail age, the company announced today that hackers took information from 500 million accounts in 2014. Yahoo is calling the perpetrator of the crime a “state-sponsored actor” and notes that the stolen data includes “names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.” At least the potentially affected can take heart that it does not seem like “unprotected passwords, payment card data, or bank account information” were involved.
Early Thursday, Recode reported that Yahoo was planning to confirm a breach which a source said was “worse” than previously believed. Back in August, Vice reported that a hacker called “Peace” was selling stolen Yahoo data at a dark web marketplace. At that time a spokesperson said Yahoo was “aware of a claim.”