Legal help for data breach compensation claims

Possible Yahoo data breach being investigated

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

Yahoo are currently investigating the potential data leak by the hacker who was linked to the “mega-breaches” of MySpace and LinkedIn; a topic we recently covered.

The hacker has allegedly posted the details of 200 million Yahoo accounts onto the ‘dark web’ and is selling them for three bitcoins (£1,360).

The hacker is using the same name – ‘Peace’ – that was used from the 2012 data leaks, which makes the hacker “most likely” to be the same person. Yahoo is currently “working to determine the facts” and are taking the claim “very seriously”.

Yahoo said:

“Yahoo works hard to keep our customers safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”

The hacker appears to have hashed the passwords, meaning they have been muddled up – but apparently an algorithm that the hacker used has also been released. However, most of the passwords are easy to reverse as the algorithm is weak, according to Professor Alan Woodward, a security expert from Surrey University.

There have been claims of similar data leaks taking place, but no one is sure whether they are true or not. Caution should be taken over the alleged breach until it can be determined whether it has happened or not.

But we can never be too careful either!

Motherboard confirms sample

It was Motherboard who was first to report the supposed breach and test some of the data of the small sample it got a hold of. The 5,000 records they got were tested to see if they matched any Yahoo accounts.

Motherboard found that it matched the first two dozen Yahoo usernames that were tested with actual accounts. However, it did also find that these accounts were inactive. On contacting the email addresses, many emails returned an auto-response saying the account had been disabled or disconnected, or it would return the message undelivered.

Technical director at HPE Security Brendan Rizzo said:

“Data has high value to attackers, and even though the information for sale on the black market is several years old, it can be used for social engineering attacks for spear phishing attempt to gain access to deeper systems with even more lucrative data that can be monetised directly if stolen.”

Making a claim

If you have been a victim of data breach then we can help.  We urge you to contact us if you believe you have a claim, and if we think you do, we can help get you the compensation that you deserve.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Author on August 10, 2016
Posted in the following categories: Hacking News and tagged with

ATM Chip and Pin hack revealed at Black Hat conference
Ukrainian hacker reportedly steals wealth of medical documents