Yahoo 'expected to confirm massive data breach', says Recode

@ wrote:
Well, I am not chaninging mine until someone tell me that I have been compromised.

I went on the the POWNED site after I got an e-mail from BT, mine had been exposed.
 

That is a good idea, Jasper. Which site do you use as I see a number and the 'haveIbeenpawned' site is showing as 'moderate' risk in terms of Webroot reputation?

@ wrote:
That is a good idea, Jasper. Which site do you use as I see a number and the 'haveIbeenpawned' site is showing as 'moderate' risk in terms of Webroot reputation?

The one I used is moderate risk https://haveibeenpwned.com/

Apparently Yahoo didn't think it was important to reset user passwords after the breach??
https://twitter.com/ShiraOvide/status/781143868955881472

@ wrote:
Apparently Yahoo didn't think it was important to reset user passwords after the breach??
https://twitter.com/ShiraOvide/status/781143868955881472

?

@ wrote:
Apparently Yahoo didn't think it was important to reset user passwords after the breach??
https://twitter.com/ShiraOvide/status/781143868955881472

Yeah, they also didn't think it to be important to say anything about it for 2 years.

October 1, 2016  By Pierluigi Paganini
 
                                           http://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2016/09/yahoo-data-breach.jpg?resize=800%2C450
 

According to a former Yahoo executive the number of affected user accounts in the Yahoo data breach may be between 1 Billion and 3 Billion.

 
This summer 200 million Yahoo user accounts were offered for sale in a black market on the dark web.
 
The company promptly started its investigation and last week confirmed the data breach, dated back at 2014 revealing that a nation-state actor has exposed at least 500 Million Yahoo user accounts.
But, now it seems that the Yahoo data breach is much extended.
 
Full Article

? that's nuts. 😠

@ wrote:
@ that's nuts. :@

It also shows the amount of hold a single company can have over a large amount users.

If everytime a company that  compromised a consumers information  had to pay each person a minimum of $150.00 for the time and trouble a consumer has to go through to change all their information and accounts, I bet we would not continue to have this problem. I am sure they would find it less expensive to improve their securty than to compensate consumers for their time and trouble. Can I get an AMEN? I also remember notifing Yahoo that I was getting fake emails with Yahoo name on them, but Yahoo didnt care. And why are we just now hearing about when it happened two years ago? They need to be severly penalized.:robotmad:

I bet Verizon is SO happy they paid nearly 5 billion dollars for that polished turd. Maybe they can give us some of whatever it is they were smokin'  ?

Yahoo scannte angeblich alle Kundenmails für US-Dienste
Yahoo hat Insidern zufolge auf Anweisung der US-Behörden die eingehenden E-Mails aller Kunden durchsucht. Der Internetkonzern habe damit im vergangenen Jahr einer geheimen Anordnung der US-Regierung Folge geleistet, sagten drei mit der Sache vertraute Personen der Nachrichtenagentur Reuters.
Yahoo habe ein spezielles Programm geschrieben, um die einlaufenden Mails von mehreren hundert Millionen Kunden nach einer bestimmten Zeichenkette zu durchforsten. Unklar blieb, welche Daten Yahoo an die US-Behörden übergab oder ob auch andere Internetkonzerne beteiligt waren.
NSA oder FBI
Den zwei ehemaligen Mitarbeitern und einer mit dem Vorgang vertrauten Person zufolge kam die Anordnung entweder von dem Nachrichtendienst NSA oder der Bundespolizei FBI. Die NSA stellt oft derartige Anträge über das FBI, was die genaue Zuordnung zu einem Dienst erschwert. Experten zufolge ist es der erste bekannte Fall, in dem ein US-Konzern der Forderung nach einer kompletten Überwachung des gesamten eingehenden Mailverkehrs nachgab.
Yahoo erklärte auf Anfrage lediglich, man halte sich an die Gesetze der USA. Die NSA verwies auf das Büro des Direktors der US-Geheimdienste, das eine Stellungnahme ablehnte. Auch Vertreter der E-Mail-Provider Google und Microsoft lehnten Stellungnahmen ab.
 
 
http://orf.at/#/stories/2360871/