Skip to content
City PM
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
Thursday 15 December 2016 6:36 am

Yahoo hit by largest cyber attack of all time in second mega-hack

By: Oliver Gill

Add as a preferred source on Google

More than one billion Yahoo user accounts have been hacked after the search engine revealed it had been the victim of the largest cyber attack in history.

The breach is the second mammoth attack on Yahoo uncovered this year and has affected more than double the number of accounts compared with a breach revealed in September – which the firm said was “distinct” from the latest intrusion.

Read more: Yahoo hack hit 500m user accounts – putting pressure on its Verizon deal

The hack stretched back to August 2013 and led to personal data – such as names, email addresses, dates of birth, passwords and phone number – being stolen from accounts. Yahoo added in a statement:

Payment card data and bank account information are not stored in the system the company believes was affected.

Verizon: Deal or no deal?

The news could have huge implications for the future of the internet company and a $4.8bn (£3.8bn) takeover by US telecoms giant Verizon. Following September's revrelations, Verizon was forced to admit it was considering its options. 

However, in the wake of the latest news Verizon was keeping its powder dry for now, it said:

We [Verizon] will review the impact of this new development before reaching any final conclusions.

A spokesperson for Yahoo told Reuters that Verizon has been kept fully appraised of the latest breach and the firm is confident the incident will not impact the Verizon deal.

Read more: Veri-hoo? The $4.83bn Verizon Yahoo deal is go

Cookie concern

Whereas Yahoo blamed the September breach on hackers working on behalf of a government organisation, it currently had no more information as to the identify of the latest attack: “The company has not been able to identify the intrusion associated with the theft.”

Separately, the internet company is also concerned about the creation of “forged cookies”, which could allow hackers to access user accounts by the back door – bypassing password verification.

It has enlisted the help of forensic experts and has ascertained such issues are connected to the “state-sponsored actor” from the attack announced in September.

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • News

Categories

  • Business
  • Tech

Related Topics

  • M&A

Trending Articles

  • Billionaire Easyjet founder in line for £800m payday from takeover

  • The former African gold miner taking on the billionaire Issa brothers

  • Tesco ‘in talks’ to exit eastern Europe

  • Pension pressure to help swell UK debt to three times size of economy

  • As it happened: FTSE 100 slump as oil soars; Trump says Iran will be ‘hit hard’ tonight

More from City PM

  • The Debate: Should CEOs be held personally accountable for cyberattacks?

    Opinion
    Evil-looking keyboard symbolizing cybersecurity threats and hacking risks in a digital landscape.
  • M&S to face shareholder grilling over cyber attack recovery

    Retail
    Marks and Spencer was one of three UK retailers to be targeted
  • Jaguar Land Rover eyes cost-cutting and wealthy buyers in cyber attack recovery

    Retail
    JLR logo prominently displayed in an automotive business setting, highlighting the companys brand presence and identity
  • Pockit taps shareholders for £13.4m after losses quadruple

    Fintech
    Pockit financial technology interface showcasing user-friendly design and innovative digital banking solutions
  • Watchdog opens probe into auditors of collapsed lender MFS

    Accountancy
    Canada
  • M&S chair: Tax and employment costs holding back Britain

    Retail
    Archie Norman, business leader, speaking at a corporate event wearing a suit and tie, engaging with the audience.
  • Losses widen at UK fintech Monese in eight month delayed accounts

    Fintech
    Monese was founded in 2015 and is based in London.
  • Legal & General handles King’s staff pension schemes as monarch’s £13m tax bill revealed

    News

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy · Facebook