Yahoo Investigating Possible Breach of 200 Million Accounts

August 3, 2016, Written By Natalie Rutledge
Yahoo Investigating Possible Breach of 200 Million Accounts

Yahoo is investigating a possible data breach after the usernames, hashed passwords, birth dates and back-up email addresses of nearly 200 million users appeared for sale on the dark web.

Peace, the hacker listing the information, said it may be from a 2012 hack, and is selling the data for three bitcoins (about $1,860).

Yahoo has not yet confirmed or denied the breach. The company told Motherboard it is aware of the hacker’s claims, but it always works to keep its users safe.

“And we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”

Motherboard obtained a sample of 5,000 records, and found most information corresponds to actual accounts. However, over 100 of the addresses didn’t work, and the tester received “This account has been disabled or discontinued,” or “This user doesn’t have a account” auto responses.

The passwords were hashed, since Yahoo uses the MD5 algorithm to hash the information. Professor Alan Woodward, a security expert, told BBC, “The algorithm MD5 is considered to be weak, and for the vast majority of passwords it is easy to reverse what it was using what we call a dictionary attack.”

Peace is also responsible for recent breaches at MySpace and LinkedIn.

The information contained within this article was accurate as of August 3, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.

About Natalie Rutledge

Natalie Rutledge majored in Communications at Mississippi State University. She was in sales for a number of businesses and spent nine years working as a communications advisor to various entities. Natalie can be contacted directly at
View all posts by Natalie Rutledge