Updated: Yahoo Breach Announcement Confirmed
Updated 9/22/16 @ 3:15 pm (EDT).
Yahoo has now confirmed that it was breach, by what it calls “a state sponsored actor” in 2014. The hack according to Yahoo affects at least 500 million accounts (and to that can we all say DAMM!). Per Yahoo,
The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.
If you havent changed your password since 2014 ( and even if you have), its HIGHLY RECOMMENDED that you change your password. Also NOTE, yahoo said it may have also included security questions. So you should change those too, and remember if you use yahoo email as your sign in on other sites, with the same password, change the info in all those places TOO! For additional info visit the Yahoo Account Security FAQ
There have been many reports of a possible data breach at Yahoo, that could affect 200 million accounts. Yahoo even admitted that they were “investigating” the reports a few months back. Well it seems now, if a report by Recode is correct, that Yahoo will admit, this week, it had a breach.
According to the report by Recode, a hacker by the name of Peace has the data and is selling it on what is known as the dark web.
So knowing this is a possibility, what should you be doing.
To Do List
Do you have a yahoo account? It doesn’t matter if you havent logged in since y2k! Do you have an account? If you opened an account and never went in to close it, you have an account.
- Log into your yahoo account and change your password. If you haven’t used your yahoo account in years, CLOSE YOUR ACCOUNT.
To Reset Your Password – Visit the Yahoo Info Page (https://login.yahoo.com/account/personalinfo) -> Log In and then click on Account Security -> Followed By Clicking on Change Password.
To Close Your Account – Visit the “Terminating your Yahoo account” page (https://edit.yahoo.com/config/delete_user)
If you use a phone number to sign in – visit yahoo’s alternative account termination page (https://login.yahoo.com/account/action/delete_user) instead.
- Read the information under “Before continuing, please consider the following information.” Because terminating your Yahoo account also terminates account access to sites like HotJobs, Yahoo Mail, and Flickr among others.
- Confirm your password.
- Click Terminate this Account.
- Do you have any other accounts that have you log in with an email address? Are any of those accounts using your Yahoo email as the user name? If the answer is yes, go to those accounts and change your password on those accounts. You may be asking why? Well 2 things
- Most people use the same password everywhere, so you need to change it.
- As remote as it may sound, if they have your account info they can log into your email and see emails from other accounts and know what you have/use. It’s not that crazy.
Yahoo is a shell of what it used to be, but back in the day it was to the Internet what social media (Facebook, Instagram, Twitter, etc. ) is today. The breach is still “a rumor” as Yahoo themselves have NOT confirmed anything. It could be a false alarm or it could be one of the biggest ever. In either case, changing your password now and regularly on all your accounts (as much of a pain in the asset as it is) is always a good idea.