Possible Yahoo data breach being investigated

Possible Yahoo data breach being investigated

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Yahoo are currently investigating the potential data leak by the hacker who was linked to the “mega-breaches” of MySpace and LinkedIn; a topic we recently covered.

The hacker has allegedly posted the details of 200 million Yahoo accounts onto the ‘dark web’ and is selling them for three bitcoins (£1,360).

The hacker is using the same name – ‘Peace’ – that was used from the 2012 data leaks, which makes the hacker “most likely” to be the same person. Yahoo is currently “working to determine the facts” and are taking the claim “very seriously”.

Yahoo said:

“Yahoo works hard to keep our customers safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”

The hacker appears to have hashed the passwords, meaning they have been muddled up – but apparently an algorithm that the hacker used has also been released. However, most of the passwords are easy to reverse as the algorithm is weak, according to Professor Alan Woodward, a security expert from Surrey University.

There have been claims of similar data leaks taking place, but no one is sure whether they are true or not. Caution should be taken over the alleged breach until it can be determined whether it has happened or not.

But we can never be too careful either!

Motherboard confirms sample

It was Motherboard who was first to report the supposed breach and test some of the data of the small sample it got a hold of. The 5,000 records they got were tested to see if they matched any Yahoo accounts.

Motherboard found that it matched the first two dozen Yahoo usernames that were tested with actual accounts. However, it did also find that these accounts were inactive. On contacting the email addresses, many emails returned an auto-response saying the account had been disabled or disconnected, or it would return the message undelivered.

Technical director at HPE Security Brendan Rizzo said:

“Data has high value to attackers, and even though the information for sale on the black market is several years old, it can be used for social engineering attacks for spear phishing attempt to gain access to deeper systems with even more lucrative data that can be monetised directly if stolen.”

Making a claim

If you have been a victim of data breach then we can help.  We urge you to contact us if you believe you have a claim, and if we think you do, we can help get you the compensation that you deserve.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon