Skip to content
Support Us

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Data Protection Commissioner seeking answers after massive Yahoo privacy breach

Yahoo said names, email addresses, birth dates, and scrambled passwords were stolen.

Updated 10.33am

Yahoo Marcio Jose Sanchez / PA Marcio Jose Sanchez / PA / PA

YAHOO HAS SAID that a massive attack on its network in 2014 allowed hackers to steal data from half a billion users and may have been “state sponsored.”

The Data Protection Commissioner here has been notified of the data breach by the multinational, which has its European HQ based in Dublin.

“Yahoo have notified us of the breach,” a spokeswoman told TheJournal.ie.

Our office has raised a number of issues for which we’re seeking clarification on, and are waiting for a response from Yahoo.

Helen Dixon was appointed as Data Protection Commissioner for Ireland in September 2014, heading up the office on Fitzwilliam Square in Dublin city.

Yahoo, which confirmed details of the breach last night, months after reports of a major hack, said its investigation concluded that “certain user account information was stolen” and that the attack came from “what it believes is a state-sponsored actor.”

“Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen,” said a statement by the US internet giant in what is likely the largest-ever breach for a single organization.

Yahoo is working closely with law enforcement on this matter.

The comments come after a report earlier this year quoted a security researcher saying some 200 million accounts may have been accessed and that hacked data was being offered for sale online.

Yahoo said the stolen information may have included names, email addresses, birth dates, and scrambled passwords, along with encrypted or unencrypted security questions and answers that could help hackers break into victims’ other online accounts.

While there is no official record of the largest breaches, many analysts have called the Myspace hack revealed earlier this year as the largest to date, with 360 million users affected.

IMG_0600 Helen Dixon, Data Protection Commissioner, alongside Andreas Carney and Marie Bohan of Matheson law firm. Paul Sherwood Paul Sherwood

Ammunition for hackers

Computer security analyst Graham Cluley said the stolen Yahoo data “could be useful ammunition for any hacker attempting to break into Yahoo accounts, or interested in exploring whether users might have used the same security questions/answers to protect themselves elsewhere on the web.”

He noted that while Yahoo said that it believes the hack was state-sponsored, the company provided no details regarding what makes them think that is the case.

“If I had to break the bad news that my company had been hacked… I would feel much happier saying that the attackers were ‘state-sponsored,’” rather than teen hackers, Cluley said in a blog post.

University of Notre Dame associate teaching professor and data security specialist Timothy Carone told AFP that the Yahoo hack fit the “big picture” when it comes to cyberattacks launched by spy agencies in Russia, China, North Korea or other countries.

“It just smacks of traditional trade craft,” Carone said.

It is a broad sweep of getting information on people and building up profiles on those who may be of use to them.

Carone described Russia, China and North Korea as the usual three suspects in state-sponsored hacks, but cautioned that allies are not above cyber snooping as well.

“People have to realize that anything they put out there is fair game,” he said, stressing a need for internet users to remain wary.

Unprotected passwords

It appeared that looted Yahoo data did not include unprotected passwords or information associated with payments or bank accounts, the Silicon Valley company said.

Yahoo is asking affected users to change passwords, and recommending anyone who has not done so since 2014 to take the same action as a precaution.

Users of Yahoo online services were urged to review accounts for suspicious activity and change passwords and security question information used to log in anywhere else if it matched that at Yahoo.

“Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry,” Yahoo said in a statement.

Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account.

$4.8 billion

Confirmation of the major cyber breach comes two months after Yahoo sealed a deal to sell its core internet business to telecom giant Verizon for $4.8 billion, ending a two-decade run as an independent company.

It was not immediately clear if the data breach could impact the closing of the deal or the price agreed by Verizon.

“Frankly, the timing couldn’t be worse for Yahoo,” Cluley said.

The telecom firm said it was reviewing the new information.

“Within the last two days, we were notified of Yahoo’s security incident,” Verizon said in a statement.

“We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities.”

With reporting from - © AFP, 2016

Read: Yahoo confirms at least 500 million accounts hacked

Read: Lucky syndicate claims €11 million Lotto jackpot

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
36 Comments
    Install the app to use these features.
    Mute Glen
    Favourite Glen
    Report
    Nov 13th 2014, 12:31 PM

    Well we can all sleep peacefully now that that’s sorted.

    90
    Install the app to use these features.
    Mute Fergus Flanagan
    Favourite Fergus Flanagan
    Report
    Nov 13th 2014, 1:04 PM

    Not the best comparison really considering he retorted with a figure for the domestic market rather than all operated markets combined.

    52
    Install the app to use these features.
    Mute andrew
    Favourite andrew
    Report
    Nov 13th 2014, 12:34 PM

    The greed of the music companies is line one endless stream. The artists complaints are a joke. Plays on Spotify are like having your ads paid for

    50
    Install the app to use these features.
    Mute Ruairí
    Favourite Ruairí
    Report
    Nov 13th 2014, 12:43 PM

    Streams on Spotify are a pittance and a poor source of income for musicians. More power to her if she wants to remove her music from Spotify. She clearly doesn’t need it as she’s by far the best selling artist this year.

    47
    Install the app to use these features.
    Mute Alien8
    Favourite Alien8
    Report
    Nov 13th 2014, 3:08 PM

    Taylor Swift and her record company are just in it for the prestige of record breaking sales and the history books, not people who listen to the music. Nowhere is questioned what is better for the consumer (or fans as they used to be known)?

    Spotify has obviously not cannibalised the album buying public, as her album has one of the highest number of record sales, which is in addition to any income from streaming and video services.. Spotify replaces the radio, not albums sales, and it gives people to opportunity to spend a small amount to listen (not own) music for a low cost. But not low enough that If all you wanted to listen to was taylor swift, then you could buy her back catalogue for less than a few months of spotify.

    What the record company don’t get is that the spotify income, small as it is compared to if everyone who listened to a track bought the album instead, is a top up from people who would just download it from a torrent, or listen to it on the radio. It is never about being paid for their work, as she has the highest income per effort in the world, but instead just making sure parents pay what a record company exec told her each fan was worth.

    18
    Install the app to use these features.
    Mute Tweety McTweeter
    Favourite Tweety McTweeter
    Report
    Nov 13th 2014, 1:25 PM

    She is probably the most popular pop artist out there at the moment and she would only make €400k/year on Spotify? Most artists must only be making pennies on it

    38
    Install the app to use these features.
    Mute Powerful Sayings
    Favourite Powerful Sayings
    Report
    Nov 13th 2014, 12:54 PM

    I like her songs.

    20
    Install the app to use these features.
    Mute gerry o donell
    Favourite gerry o donell
    Report
    Nov 13th 2014, 9:41 PM

    don’t know why. but her and her songs really annoy me, even more than Cheryl cole

    4
    Install the app to use these features.
    Mute _doesnotcompute
    Favourite _doesnotcompute
    Report
    Nov 13th 2014, 1:53 PM

    Oooooh no, she only earned €398,000 in the last 12 months. Boo focking Hoo.

    20
    Install the app to use these features.
    Mute Plain Porther
    Favourite Plain Porther
    Report
    Nov 13th 2014, 9:15 PM

    Taylor Swift and music in the same sentence . . . ? Jaysus.

    4
    Install the app to use these features.
    Mute Paul Roche
    Favourite Paul Roche
    Report
    Nov 13th 2014, 12:42 PM

    Nope.

    2
    Install the app to use these features.
    Mute Mrs Shalakalananaka
    Favourite Mrs Shalakalananaka
    Report
    Nov 13th 2014, 1:00 PM

    Maybe?

    10
    Install the app to use these features.
    Mute Chief
    Favourite Chief
    Report
    Nov 13th 2014, 2:14 PM

    Depends!

    4
    See 1 more reply ▾
    Install the app to use these features.
    Mute Paul Roche
    Favourite Paul Roche
    Report
    Nov 20th 2014, 7:35 PM

    On?

    1
Submit a report
Please help us understand how this comment violates our community guidelines.
Thank you for the feedback
Your feedback has been sent to our team for review.
JournalTv
News in 60 seconds