|
SAN FRANCISCO, Sept. 22 (Xinhua) -- Yahoo Inc. acknowledged on Thursday that information associated with at least 500 million user accounts, including names, email addresses, telephone numbers, dates of birth and hashed passwords, was stolen from its network in late 2014.
The technology company headquartered in Sunnyvale, northern California, said in a website posting, titled "An Important Message About Yahoo User Security," that it believed a state-sponsored actor was behind the incident and that an investigation had found no evidence that the actor is currently in its network.
The information stolen, noted Yahoo's chief information security officer Bob Lord, included "in some cases, encrypted or unencrypted security questions and answers."
However, while the investigation is going on and Yahoo is working with law enforcement, Lord said that the stolen information did not include unprotected passwords, payment card data or bank account information, as "payment card data and bank account information are not stored in the system that the investigation has found to be affected."
The company, which once was a Silicon Valley legend and web pioneer in the 1990s but agreed to sell operating businesses to Verizon Communications Inc. in late July this year, said it is notifying potentially affected users via email and asking them change their passwords and adopt alternate means of account verification. The content of its message is available starting at 11:30 am Pacific daylight saving time (PDT) on its website.
It also warned against unsolicited communications that ask users for personal information or refer them to a web page asking for personal information, and ask them to avoid clicking on links or downloading attachments from suspicious emails.
Unconfirmed media reports said Yahoo was notified about the security breach two months ago.
