Yahoo faces SEC probe into its two record-breaking data breaches

Internet giant Yahoo has confirmed it is to be investigated by the US Securities and Exchange Commission (SEC) in connection with two major data breaches discovered at the company last year. In a November 2016 quarterly filing, the company said it was “cooperating with federal, state and foreign” agencies, including the SEC, as first revealed … More Yahoo faces SEC probe into its two record-breaking data breaches

Half a billion Yahoo users victim to ‘biggest data breach in history’

Yahoo has confirmed that half a billion users may have had their data stolen in what has been described as the ‘biggest data breach in history’. The company said it believes that the sensitive information – which includes names, email addresses, hashed passwords and phone numbers – was stolen from its network in late 2014 … More Half a billion Yahoo users victim to ‘biggest data breach in history’

65 million Tumblr users should probably be careful…

Earlier this month, Tumblr revealed that it had recently become aware that user addresses and salted and hashed passwords dating back to 2013 had fallen into the hands of hackers. We recently learned that a third party had obtained access to a set of Tumblr user email addresses with salted and hashed passwords from early … More 65 million Tumblr users should probably be careful…

42,000 Irish emails breached? Change passwords now!

ESET Ireland recommends Irish computer users change their email passwords in light of the suggested global email breach. Last week it was reported a massive global email breach has occurred. Allegedly 272 million email accounts were compromised in one of the largest revealed data breaches to date. ESET Ireland, however, cannot confirm this, as the … More 42,000 Irish emails breached? Change passwords now!

One-third of HTTPS websites left vulnerable to DROWN attack

A new vulnerability could leave as many as one-third of HTTPS websites open to decryption, meaning that sensitive data including usernames, passwords and credit card numbers could be at risk. The vulnerability has been dubbed DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) and affects servers using an SSLv2 certificate. The website for DROWN states that as many as 33% of sites … More One-third of HTTPS websites left vulnerable to DROWN attack