Yahoo is looking into claims that it has become the latest high-profile victim of a major data breach. It is thought up to 200 million accounts are affected.
If found to be true, it is thought to be connected to an unknown individual who refers to himself as Peace.
He has already claimed responsibility for historic data breaches at LinkedIn, Myspace and Tumblr, which, while revealed recently, are thought to go back as far as 2012.
Equally, it is thought that this incident is not recent, with Peace telling Motherboard that “he has been trading the data privately for some time”.
According to the BBC, Peace is now selling this cache of data online on a digital black market, via the dark web.
Personal information of Yahoo users, including usernames, passwords and dates of birth can be acquired for three bitcoins (£1,360).
Responding to news of this in an official statement, Yahoo said that it “works hard to keep our users safe”.
It added: “We always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”
Nobody knows yet how Peace has managed to access all of this information, although, he has claimed in an interview with Wired that “all these [organizations] have been hacked through [a now disbanded] team”.
“There is a lot of money to be made there, as [well as] in selling to private buyers looking for specific targets,” he later added.
