What You Need to Know About the Recent Yahoo Data Breach
If you have never used any of the Yahoo! services such as Yahoo Mail, Yahoo Messenger, Flickr, Yahoo Answers, Tumblr or others, you have nothing to worry about and you can just skip this post. However, if you have used at least one of the Yahoo services and created an account on one of them (especially the Yahoo Mail service), then you should pay attention to what will be discussed in the rest of this post.
Yahoo has been one of the top 10 most visited websites for so many years now and its mail service is highly popular as it is (in my opinion) the best email account service. Yahoo services such as Flickr is one of the most popular photo sharing sites, Yahoo Answers is one of the most popular question and answer sites and Tumblr is one of the most popular free blogging websites. In short, Yahoo and its services are visited and regularly used by hundreds of millions of people around the world on a daily basis.
Even multi-billion dollar companies and websites such as Yahoo may experience security issues and be the target of hack attempts and attacks. Recently, Yahoo issued an account security notice to some of its users due to a data breach that happened in late 2014. In this post, we will take a detailed look at what happened, how users were affected and whether or not you need to do anything as a Yahoo user.
Also Check These Useful Tips:
5 Free Online File Storage Sites
Is It Possible to View Private Facebook Profiles?
14 Websites to Download Free Premium WordPress Themes
6 Tips to Use Google Translate More Effectively
Pin It Button for Mozilla Firefox
How to Check Instagram Search History
The Details About the Yahoo Data Breach
As mentioned above, Yahoo sent account security notification emails to its users about this issue a while ago. That email briefly explains what happened and what you need to do. If you haven't received or somehow deleted the notification email Yahoo sent about the hack, you can still get detailed information on the following links:
You will also see links to these pages on the Yahoo login screen.
The summary of the information provided on those support pages is as follows:
Yahoo noticed during an investigation (which is still continuing as of writing this post) on their network that a data breach had taken place in late 2014, which consisted of copying of some user account information. My understanding is that this was only spotted recently, hence the delay in issuing notifications. Who conducted the hack is not certainly known (or made public) but it is suspected to be an entity that is state-sponsored.
The extent of the data breach is not certainly known but it is assumed that personal contact information such as names, email addresses, phone numbers, birth dates and hashed passwords (not raw passwords) may have been stolen. However, credit card or bank information are not stolen hence they are stored in a different system. Furthermore, it is stated that Tumblr accounts were not affected as they are also on different systems
After the data breach was identified, Yahoo has been taking necessary steps to protect user accounts such as notifying affected users, enhancing systems against unauthorized access, invalidating unencrypted security questions, and continuing the investigation. In addition to that, you can also do a few things to ensure and enhance your account security.
What You Need to Do About the Yahoo Hack
Here are a couple of things that you can do to ensure the safety of your Yahoo account.
Change Your Password
First and foremost, it is recommended that you change your password, your security questions and use different ways for verifying your account. You should choose a secure password and also consider installing antivirus software on your computer and phone/tablet for protection against any kind of online threats.
Note that, if you are using the same login credentials on other websites, it is better to also change them.
Review Your Yahoo Account
Sometimes, accounts are breached without getting stolen or deleted. The entities who steal the account continue to use it without leaving any tracks. Therefore, it is recommended that you check your account, your mail and other Yahoo services attached to that account and see if any suspicious activity has taken place.
Beware Fake Yahoo Hack Notifications
Some ill-purposed people may use this issue as an "opportunity" to send spam emails to Yahoo users with fake links which if clicked may lead to account theft. Always pay attention to the information and links within any email that you receive from (seemingly) legit websites. Don't click the links or open the attachments in emails if you feel anything suspicious about them. Also don't forget to report spam emails.
Yahoo’s Account Key
As an additional security step, you can use Yahoo’s Account Key service which sends a verification to your phone as a text message. While it is useful to ensure noone other than you will be able to log in to your Yahoo account, keep in mind that it requires to have your phone near you whenever you will log in to your email.
Check Your Financial Stats
Although financial information was not stolen in this incident, it is still a good idea to review your credit card and bank account statements for any possible unauthorized activity.
This is all you need to do to minimize the effect of the Yahoo data breach and enhance the security of your account.
If you want to have your own email address rather than using an email account service, you can register a domain name of your choice (if it's available), and host your own email address. As another alternative, you can also consider using an ad-free email service.
More Email Tips
Full List of Yahoo! Mail Keyboard Shortcuts How to Reverse Look Up an Email Address for Free Full List of Outlook Keyboard Shortcuts How to Add Another Email Address to Your Yahoo Mail Account How to Get Yahoo Mail in Outlook How to Recover Your Hotmail Password Email Blast Software vs. Email Marketing Services 4 Ad-Free Web Based Email Account Providers 9 Signs of Scam Emails: How to Figure Out if an Email is a Scam Best Free Web Based Email Account ProvidersEmail Tips