Yahoo

Yahoo data breach payout blocked by judge

Yahoo logo
Getty Images

A judge has rejected Yahoo's attempt to draw a line under a series of breaches it experienced between 2013 and 2016.

The firm had proposed a payout to lawyers acting on behalf of affected US and Israeli users.

But while the deal said the attorneys could claim up to $37.5m (£28.5m) in fees and costs, it did not disclose the sum reserved for victims.

The California judge also objected to Yahoo being too vague about what remedial steps it was taking.

Yahoo fined £250,000 over cyber-attack

Yahoo logo
AFP

Talking of computer breaches and that Yahoo case, a reminder that yesterday Yahoo's UK arm was fined £250,000 ($335,000) by the UK Information Commissioner's Office (ICO) for that data breach, which affected more than 500 million users.

The breach took place in 2014, and the incident was reported two years later.

The firm said state-sponsored hackers had stolen personal information, which included names, emails, unencrypted security questions and answers.

The ICO said Yahoo had failed to take appropriate measures to protect it. Yahoo said it did not comment on regulatory action.

Dixons data breach 'could be biggest ever in UK'

BBC Radio 4

Currys PC World store
Dixons Carphone
Dixons Carphone also owns Currys PC World

The data breach at Dixons Carphone could be the biggest ever in the UK, according to Bryan Glick, editor of magazine Computer Weekly.

"I think it looks like it is right up there," he tells BBC Radio Four. "Yahoo had three billion users worldwide affected a huge proportion were in the UK.

"Some of the [Dixons Carphone] custoers might not know they were affected. The firm says pin numbers and three digit numbers on the back oif cards were not affected, which would make the cards very hard to use.

"If they have not been in touch with you, then you have probably not been affected. But if you are worried get in touch with Dixons Carphone to get some advice from them."

BreakingYahoo fined £250,000 for cyber-attack

Yahoo! sign
PA

Yahoo UK has been fined £250,000 for a cyber-attack in November 2014 that may have breached more than eight million UK accounts.

Yahoo, which is now owned by Verizon, said in 2016 that at least 500 million accounts worldwide had been hacked two years earlier.

The Information Commissioner's Office said it focused on the 515,121 UK accounts that London-based Yahoo UK Services oversaw as a data controller. Compromised personal data included names, email addresses, telephone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers.

"The failings our investigation identified are not what we expect from a company that had ample opportunity to implement appropriate measures," said the ICO's James Dipple-Johnstone. "It's no good locking the door if you leave the key under the mat."

Yahoo UK did not immediately respond to a request for comment.

Yahoo hacker sentenced to five years in prison

Yahoo Mail on a smartphone
Reuters

Karim Baratov, 23, a Canadian computer hacker behind the massive Yahoo security breach, has been jailed for five years and ordered to pay a fine of $25,000.

The FBI claims that Mr Baratov was paid to hack thousands of Yahoo email accounts by the Russian government over seven years.

Using phishing sites, Mr Baratov tricked Yahoo Mail users into entering their login details into fake password reset pages, and then logged into the accounts to steal data from them.

Mr Baratov claims he did not know he was working for a Russian government agency.