What You Need to Know About the Recent Yahoo Data Breach

If you are a Yahoo Mail user, you most probably received an email notification about a data breach that took place at Yahoo servers not so long ago. In this post, we will go over the details of this Yahoo breach and what actions you need to take, if any.

Thumbnail Blaster - Video Thumbnail Creation Software

If you have never used any of the Yahoo! services such as Yahoo Mail, Yahoo Messenger, Flickr, Yahoo Answers, Tumblr or others, you have nothing to worry about and you can just skip this post. However, if you have used at least one of the Yahoo services and created an account on one of them (especially the Yahoo Mail service), then you should pay attention to what will be discussed in the rest of this post.

Yahoo has been one of the top 10 most visited websites for so many years now and its mail service is highly popular as it is (in my opinion) the best email account service. Yahoo services such as Flickr is one of the most popular photo sharing sites, Yahoo Answers is one of the most popular question and answer sites and Tumblr is one of the most popular free blogging websites. In short, Yahoo and its services are visited and regularly used by hundreds of millions of people around the world on a daily basis.

Even multi-billion dollar companies and websites such as Yahoo may experience security issues and be the target of hack attempts and attacks. Recently, Yahoo issued an account security notice to some of its users due to a data breach that happened in late 2014. In this post, we will take a detailed look at what happened, how users were affected and whether or not you need to do anything as a Yahoo user.

Also Check These Useful Tips:
5 Free Online File Storage Sites
Is It Possible to View Private Facebook Profiles?
14 Websites to Download Free Premium WordPress Themes
6 Tips to Use Google Translate More Effectively
Pin It Button for Mozilla Firefox
How to Check Instagram Search History

The Details About the Yahoo Data Breach

As mentioned above, Yahoo sent account security notification emails to its users about this issue a while ago. That email briefly explains what happened and what you need to do. If you haven't received or somehow deleted the notification email Yahoo sent about the hack, you can still get detailed information on the following links:

Yahoo Account Security Issue FAQ
Yahoo Security Notice (available in multiple languages)

You will also see links to these pages on the Yahoo login screen.

What You Need to Know About the Recent Yahoo Data Breach

The summary of the information provided on those support pages is as follows:

Yahoo noticed during an investigation (which is still continuing as of writing this post) on their network that a data breach had taken place in late 2014, which consisted of copying of some user account information. My understanding is that this was only spotted recently, hence the delay in issuing notifications. Who conducted the hack is not certainly known (or made public) but it is suspected to be an entity that is state-sponsored.

The extent of the data breach is not certainly known but it is assumed that personal contact information such as names, email addresses, phone numbers, birth dates and hashed passwords (not raw passwords) may have been stolen. However, credit card or bank information are not stolen hence they are stored in a different system. Furthermore, it is stated that Tumblr accounts were not affected as they are also on different systems

After the data breach was identified, Yahoo has been taking necessary steps to protect user accounts such as notifying affected users, enhancing systems against unauthorized access, invalidating unencrypted security questions, and continuing the investigation. In addition to that, you can also do a few things to ensure and enhance your account security.

What You Need to Do About the Yahoo Hack

Here are a couple of things that you can do to ensure the safety of your Yahoo account.

Change Your Password

First and foremost, it is recommended that you change your password, your security questions and use different ways for verifying your account. You should choose a secure password and also consider installing antivirus software on your computer and phone/tablet for protection against any kind of online threats.

Note that, if you are using the same login credentials on other websites, it is better to also change them.

Review Your Yahoo Account

Sometimes, accounts are breached without getting stolen or deleted. The entities who steal the account continue to use it without leaving any tracks. Therefore, it is recommended that you check your account, your mail and other Yahoo services attached to that account and see if any suspicious activity has taken place.

Beware Fake Yahoo Hack Notifications

Some ill-purposed people may use this issue as an "opportunity" to send spam emails to Yahoo users with fake links which if clicked may lead to account theft. Always pay attention to the information and links within any email that you receive from (seemingly) legit websites. Don't click the links or open the attachments in emails if you feel anything suspicious about them. Also don't forget to report spam emails.

Yahoo’s Account Key

As an additional security step, you can use Yahoo’s Account Key service which sends a verification to your phone as a text message. While it is useful to ensure noone other than you will be able to log in to your Yahoo account, keep in mind that it requires to have your phone near you whenever you will log in to your email.

Check Your Financial Stats

Although financial information was not stolen in this incident, it is still a good idea to review your credit card and bank account statements for any possible unauthorized activity.

This is all you need to do to minimize the effect of the Yahoo data breach and enhance the security of your account.

If you want to have your own email address rather than using an email account service, you can register a domain name of your choice (if it's available), and host your own email address. As another alternative, you can also consider using an ad-free email service.

Was this post helpful?

Please consider sharing it, and supporting us with a small tip. Thank you :)

f t g+ in