

Yahoo, KrebsOnSecurity, OVH, and last.fm feature on CBR’s list.
This month’s round-up of cyber attacks is a story of extremes. The biggest data breach, a novel type of attack on a scale never seen before, and the biggest DDoS attacks – a record that was this month broken twice.
CBR delves into the month’s cyber activity and draws out the worrying figures.
1. Yahoo
Yahoo is the most notable cyber hack on this list for two main reasons: its sheer size and the controversy over how long it took for it to be reported.
This is the largest known data breach ever, with Yahoo reporting that 500 million user accounts have been stolen during the breach.
The data includes names, emails, telephone numbers, date of births and hashed passwords.

The hack took place in 2014 but was only disclosed in September 2016. This is already generating lawsuits and interventions from influential politicians in the US.
For example, a California-based group of plaintiffs filed a class action on behalf of all of those affected by the breach. This was done under several parts of the California Civil Code such as the Consumer Legal Remedies Act, the Federal Stored Communications Act and the Unfair Competition Act. A man called Ronald Schwartz has also filed a suit in New York against Yahoo.
In addition, an influential group of senators wrote a letter to Yahoo CEO Marissa Mayer
According to data protection company Varonis, Yahoo might face action from California authorities over the delay in reporting the breach.