Yahoo Breach: At Least 500M User Accounts Impacted
BALTIMORE (WJZ) -- It's being called the mother of all data breaches. A massive hack on Yahoo has hit millions of accounts. That information could now be in the hands of cyber thieves.
It may be one of the largest cyber security breaches ever. If you got an email, chances are, you're a victim.
"We're seeing yet another very large, massively large-scale breach occurring," said Paul Dant, chief strategist, Independent Security Evaluators.
Yahoo says at least 500 million user accounts are impacted. Names, email addresses, phone numbers, birth dates and security answers and questions were all stolen.
"They have access to your entire circle of friends, all of the businesses that you do business with," said Connie Guglielmo, CNET News.
While some users feel phone numbers and names might not be private information, experts say the worst has yet to come.
Yahoo is just the latest to make headlines. The U.S. government, MedStar Health, Target and Home Depot have all been hacked in recent months.
The ransomware that held MedStar computers hostage for money in March could be a new wave of similar attacks.
"This data is very, very valuable on the Black Market. Organized crime that may be looking for ways to capitalize and monetize these types of attacks will pay premium dollars for that information," said Dant.
Security experts like Paul Dant say those attacks are a bigger fear, and that terrorist groups will try to replicate and even target power grids or nuclear facilities, with devastating results.
"It's a very Doomsday approach to it, but I also feel like in 2016, this is just the pragmatic viewpoint," Dant said.
Yahoo has urged users to change their passwords immediately. The company says the hack does not appear to include credit card or bank account information.
Yahoo is the third largest email provider in the country. The company is blaming the hack on a state-sponsored actor.
Yahoo is currently in the middle of a deal to sell the company to Verizon.
Security experts say people should make "pass phrases" instead of passwords.
The company has not said when it first learned of the data breach, and why they're alerting customers right now.