Yahoo is expected to publicly confirm the incident this week.
Yahoo is reportedly gearing up to confirm a massive data breach affecting “several hundred million” user accounts, according to Recode.
Citing several unnamed sources close to the situation, Recode said Yahoo is expected to publicly confirm the incident this week (who wants to bet the announcement will come on Friday at 5 p.m.?). We’ve reached out to Yahoo for comment but have yet to hear back.
The breach comes at a pretty inconvenient time for Yahoo, which is in the process of being acquired by Verizon.
“The scale of the liability could bring untold headaches to the new owners,” Recode points out. “Shareholders are likely to worry that it could lead to an adjustment in the price of the transaction.”
The breach first came to light in August, when a cybercriminal who goes by the name “Peace” claimed to be selling the credentials of 200 million Yahoo users from 2012 on the dark Web.
The loot, which was allegedly selling for $1,800, included usernames, easily decrypted passwords, birthdates, and email addresses.
At the time, Yahoo said it was “aware of the claim” and investigating the issue, but did not confirm the breach.
The company has not issued a mass password reset, as is customary after these types of incidents.
Random Access: Pokemon Go Plus, Yahoo data breach, Facebook saving mankind, Mr Robot season finale
Posted by PCMag on Thursday, September 22, 2016