Yahoo hack: Hundreds of millions of people probably don’t know they are part of the world’s biggest data breach

Many of the accounts are old and unused, and login details for sites such as Flickr are thought to be caught up in the attack

Andrew Griffin
Friday 23 September 2016 04:42 EDT
Comments
How to protect yourself online after the Yahoo hack

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Hundreds of millions of people are probably caught up in the Yahoo hack without knowing it.

The company has announced that at least 500 million accounts have been stolen in what might be the biggest data breach ever. And, partly because of the sheer size of the breach, it’s likely that many of the people involved don’t even know it.

Many of the users whose accounts are caught in the breach will have signed up years ago – at least before 2014, because the stolen data originated then, but potentially many years earlier. That will mean that many could have forgotten that they even created the account at all, and a large number of those will have created new accounts and so not be able to be contacted by Yahoo.

What’s more, the company runs a number of services, many of which require a Yahoo account to log in too. Flickr, for instance, was bought by Yahoo in 2005 – and as a result suggests that everyone who uses it logs in with a Yahoo account.

Many of those people, however, won’t realise that they have a Yahoo account at all. But they are likely to have been caught up in the huge breach of more than 500 million accounts.

Yahoo has said that it will be contacting all of the people involved in the hack. But it appears that it still isn’t sure exactly how much data was disclosed, so couldn’t tell everyone, and it will presumably have lost contact details for all of those users.

As such, anyone who uses the internet is being advised to change all of their passwords and watch for suspicious activity on their accounts.

The company published security advice on its Tumblr site. It includes suggestions that users avoid clicking on suspicious links and be cautious about unsolicited emails and other communications.

The hack is similar to the one experienced by Myspace earlier this year. Many people then had forgotten their accounts entirely, and it was impossible for lots of those users to be contacted since they had moved on to use different emails and contact details.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in