Yahoo Japan suspects 22 million user IDs stolen

Yahoo Japan Corp is investigating on a possible data breach that may have exposed 22 million user IDs stolen during an unauthorized access to web portal.

Yahoo Japan Corp is investigating on a possible data breach that exposed the user IDs of 22 million accounts, another shocking event that raise the necessity to improve security level of customer’s data.

22 million user IDs may have been stolen during an unauthorized access to the administrative system of Yahoo! Japan web portal,  the announce has been done by the same company:

“We don’t know if the file (of 22 million user IDs) was leaked or not, but we can’t deny the possibility given the volume of traffic between our server and external terminals,” the company reported in an official statement.

Why Yahoo! Japan?

Yahoo! Japan is controlled by Japan’s mobile phone operator SoftBank (35.5%) and  Yahoo! Inc (34.7%), what is interesting is the market share of the portal Yahoo! Japan that holds 50% of the top search engine position in Japan, a figure superior to the Google concurrence at 40%, it’s clear that the corporation represents a privileged target of cyber criminals and state-sponsored hackers.

Which information has been stolen exactly?

According first investigation it seems that the exposed information doesn’t include any data that could be used to identify the user’s identity or that could be exploited successively to force password reset.

Yahoo! has immediately started the incident response procedure adopting any countermeasure to prevent further incidents.

On the case is also working the Japan’s national police agency that recently announced the  launch an investigation team specialized in cybercrimes, let’s remind that in the last years the Japan has been hit by a huge quantity of cyber attacks that interested the Japan Aerospace Exploration Agency, Sony and Government itself.

Pierluigi Paganini

(Security Affairs – Data Breach)