Yahoo data breach: NCSC response

4 Oct 2017 12:50 PM

Media outlets are reporting that all Yahoo user accounts were affected in a hacking attack dating back to 2013. Yahoo put out additional advice to its customers recently. It states that:

Yahoo is providing notice to additional user accounts affected by an August 2013 theft of user data previously announced by the company in December 2016. This is not a new security issue. In 2016, Yahoo previously took action to protect all user accounts. https://help.yahoo.com/kb/account/SLN28451.html?impressions=true

NCSC advice from December 2016 remains valid and is set out below.

Yahoo has stated that, in August 2013, an unauthorised third party stole data associated with more than one billion user accounts. Yahoo believes that the breach is separate from the incident which impacted 500 million user accounts, disclosed in September this year. The stolen data reportedly included names, email addresses, telephone numbers, dates of birth, hashed passwords and in some cases, encrypted and unencrypted security questions and answers. There is no suggestion that payment card or bank account details were stolen.

As part of our role to prevent and minimise disruptions from cyber attacks, the National Cyber Security Centre (NCSC) is working closely with the US authorities and industry to gain a better understanding about what happened to Yahoo. We recommend that all users follow Yahoo’s advice to visit its Safety Center page for recommendations on how to stay secure online. BT and SKY have also added advice for their customers who use BT Yahoo Mail and SKY Yahoo Mail. Further advice about resetting passwords can be found on the Cyber Aware website, and practical advice relating to the Yahoo breach is available at the Action Fraud website.