Yahoo gives up 500 Million, accounts and passwords in breach from 4 years ago. Decides now would be a good time to tell its users… Because they didn’t know?
The sudden urgency to tell its users, comes from the fact that all these accounts went up for sale over the summer. The hacker known as “Peace” put the database up for sale asking just over a whopping $1,800. So really, not a huge purchase… However the database is considered a valid chunk of data, consisting of user names, decrypted passwords, and user data like birth days and other email addresses. Pretty much anything in a user profile.
In all fairness, Yahoo says they didn’t know of the breach until they had started an investigation into the sale of the data. Which honestly, is even worse. The fact that they had no idea that they had lost 500 million user accounts and didn’t suspect a thing, speaks volumes to their security practices. Honestly, if you’ve got a yahoo account, go wipe it clean and at the very least change your password.