Names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers were stolen from over one billion Yahoo accounts during two separate hacks in 2013 and 2014.
It has now been revealed that Australian politicians, senior Defence officials, police and judges – including Shadow Treasurer Chris Bowen, Liberal MP Andrew Hastie, Social Services Minister Christian Porter, Victorian Premier Daniel Andrews, opposition health spokesperson Catherine King and Liberal senator Cory Bernardi – were among those whose accounts were compromised.
The ABC reports US company InfoArmor contacted the Australian Department of Defence via NSW Police in October 2016 (two months before the breach was announced to the public) with data detailing over 3,000 Yahoo accounts – linked to Australian Government email accounts – which had log-in information stolen.
The account holders in question were able to be identified due to using their official government email addresses as back-up or recovery emails.
With one billion accounts hacked, if you have a Yahoo account, you’re likely among them. Here’s our guide on what to do to protect yourself.