200M Yahoo Accounts on The Dark Web

Yahoo is investigating an alleged breach of 200 million Yahoo accounts, leaving email addresses, back up email addresses, birthdates and user passwords exposed…

Yahoo has been notified 200 million user accounts have been placed up for sale on the dark web by the same hacker, peace_of_mind, that was allegedly responsible for the massive MySpace and LinkedIn breaches.  Yahoo is not reporting any form of breach at this time, as they remain in the investigation phase.

A sample of the records were tested for validity, and several of the email addresses came back as undeliverable.  It is unknown if these records are simply from past breaches and have since been deactivated, or if the records on the dark web are fake.  ThreatPost reported it would be incredibly difficult to fake a dataset of this magnitude.

Yahoo made the following statement to ThreatPost about the claims:

“We are aware of a claim. We are committed to protecting the security of our users’ information and we take any such claim very seriously. Our security team is working to determine the facts.”

For now, it’s better to be safe than sorry.  If you have a Yahoo account, it would be in your best interest to, at a minimum, change your password.

224 total views, 1 views today

(Visited 54 times, 1 visits today)

6 thoughts on “200M Yahoo Accounts on The Dark Web

  1. I am an old gal. Is there any way to transfer everything that I have in my yahoo (since 2002) to another safer email address?

    • Yes, you are able to merge email accounts if you decide to go through another email provider. It is unknown when these accounts were breached. In the mean time, I would just encourage you to go to Yahoo.com and change your email password to ensure your information’s safety.

  2. Yahoo! Mail has had security issues for more years than i care to count. I abandoned my Yahoo! Mail account 10 years ago because i could no longer tolerate the avalanche of spam that choked my inbox. Repeated attempted to delete and/or deactivate my Yahoo! account failed. To this day, Yahoo! has no mechanism for its users to delete their accounts.

    I have since switched to Microsoft’s Hotmail, because it has one of the most aggressive — if not THE most aggressive — anti-spam filters available .

  3. Yahoo has some serious security issues with IT staff that have administrative privileges. I routinely get phishing e-mails from friends with AT&T e-mail accounts (AT&T appears to let Yahoo host their e-mail service) if those friends primarily use Yahoo webmail. The “hackers” grab the user’s webmail address book and send out the phishing messages that “I’m on vacation in Hawaii and my wallet and return airline ticket was stolen. Please send me some money so I can get home!” Those same messages go out to everyone else in that address book. When I convince those users to set up an e-mail client on their computer, empty their webmail address book and don’t send anything from webmail unless it’s absolutely necessary, the phishing stops. Webmail address books with very few addresses aren’t of much interest to phishers. Yahoo never seems to have any luck finding out the source of the problem.

    It would appear that Yahoo IT staff may have decided to up the ante.

Leave a Reply

Your email address will not be published. Required fields are marked *