It is ten years since Yahoo! was hacked and 3 billion accounts were affected.
This month marks the tenth anniversary of the data breach suffered by Yahoo! The internet services company, which at first pointed to 1 billion accounts affected by the hack, actually suffered a blow that involved 3 billion users. That is, all the accounts that existed at the time.
This was demonstrated in 2017, when the company was acquired by Verizon and Verizon conducted an investigation into what had happened.
Names, dates of birth, phone numbers, email addresses, hashed passwords, and even security questions and their answers were revealed.
Coinciding with the anniversary of this attack, security firm ESET takes a look back at other major incidents that have exposed large volumes of sensitive information since 2013.
One of these is the 2017 breach of the largest credit reporting agency in the United States, Equifax. The incident put at risk the data of 44% of the population of the United States and part of Canada and Great Britain, including social security, driver’s licence, and credit card numbers, among others.
Also high-profile was the case of the Marriott International hotel chain, which came to light in 2018 but started four years earlier and ended up with 383 million of its guests’ records compromised. This ranged from names, email addresses, and phone numbers to passport and bank card details. Richard Smith ended up stepping down as CEO and the company faced lawsuits, regulatory investigations, and stock market crashes.
Another affected was India’s Aadhaar identification database. A hack in 2018 through the website of state-owned Indane left 9 out of 10 people in the Asian country exposed. The database contained information on hundreds of millions of citizens, such as unique identity numbers, biometric scans, names, gender information, and contact details.
ESET also highlights the Collection affair, which leaked 2.2 billion email addresses and passwords in five different packages (Collection#1 to Collection#5) in 2019 via MEGA and other forums. This was a compilation of data from previous breaches.