23 September 2016
Data from 500 million Yahoo user accounts stolen
Internet giant Yahoo is the latest major company to be targeted by hackers, involving the theft of information from at least 500 million user accounts.
The company believes a "state-sponsored actor" stole information including names, email addresses, telephone numbers, dates of birth, passwords and encrypted or unencrypted security questions and answers.
An investigation is continuing into the breach, which Yahoo says happened in late 2014.
The company says the stolen information does not include unprotected passwords, payment card data, or bank account information, which is not stored in the system that was targeted.
A statement released by Yahoo reads: "The investigation has found no evidence that the state-sponsored actor is currently in Yahoo's network. Yahoo is working closely with law enforcement on this matter."
Yahoo said it is notifying any potentially affected users and asking people to change their passwords if they have not done so in the last two years.
Stephen Gates, chief research intelligence analyst at network security firm NSFocus, said: "In 2012, the number of potentially compromised user credentials was estimated to be around 450,000.
"However, the hacker known as Peace is claiming to have up to 500 million user credentials he/she is now attempting to sell online."