Yahoo confirmed late Thursday that they had been breached. Data from 500 million accounts was stolen. Yahoo claims it was a victim of a state sponsored attack, or a foreign government was responsible for the theft. Here is the part that is so terrible. The breach occurred in late 2014 but Yahoo is just now releasing the information.
What does this mean to you?
“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said in a statement.
This means a good deal of your personal information has been stolen if you have a Yahoo account. The good thing is that no financial data like credit card numbers or banking information was stolen.
What do you need to do now?
Log into your Yahoo account and immediately change your password. Make sure it’s a complex password using both upper and lower letters, numbers, and special characters like !@#$%%.
Also change your security questions. These are the questions that you can use to reset your password if its lost. Changing only your password won’t be enough. You must also change these questions since the those that stole the data could just use these questions to reset your changed password.
If you use the same security questions and answers for other online accounts, you will need to change those as well. With that information, hackers could use the information taken from Yahoo to gain access to your other online accounts. These accounts could contain even more sensitive information.
Don’t choose obvious questions and don’t use answers that are easily found about you during an online search like Google, social media sites, etc.
Here are step by step instructions on how to do this from Yahoo.
You can also enable two-factor authentication. A password alone isn’t a strongest defense you can have for your accounts. Most services like Google, Facebook, and Yahoo offer two-factor authentication. This is a second code that is generated only once and can only be used at that moment to log into your account. The code will usually be sent to your mobile phone via text message. Yahoo is
Yahoo has recommended that everyone enable two-factor authentication using the Yahoo Account Key. Using this will eliminate the need to memorize your Yahoo account password.
If you’d like more information on what may be the largest data breach of all time, head over to CNN for all the details.