My heart dropped when I was alerted by CNN that Yahoo admitted today that 500 million user accounts have been compromised. As a seasoned IT professional who has been involved with the security industry for the past decade, this is probably THE worse security breach that’s occurred since the inception of the Internet.
Here are the key facts that you should be aware of regarding this breach:
- In August 2016, a person codenamed “Peace” attempted to sell what he claimed to be 200 million Yahoo user information.
- Back then, Yahoo only said they were investigating the legitimacy of the claim.
- On Sept. 22nd 2016, Yahoo issued a statement acknowledging the legitimacy of the claim. Furthermore, Yahoo confirmed the scale of the breach is actually 500 million accounts.
- Yahoo also confirmed that the information stolen contains name, username, lightly encrypted passwords, date of birth, and for some accounts, security questions and answers.
Nevertheless, till this moment, Yahoo hasn’t issued a notice to all of its users advising them to reset their passwords.
Here at CompuClever, we felt it is necessary to inform you about this event because there is a high possibility that either you or someone you know might be impacted by this incident.
Yahoo is currently working with law enforcement agencies, including the FBI, to deal with this breach. Nevertheless, we recommend you immediately take the following measures to protect your online security and personal privacy:
- Immediately change your Yahoo email password.
- If you happen to be using the same combination of username and password across multiple (non-Yahoo) online accounts, change all of the passwords. Make sure that you use a different password for every account.
- Ensure you have a legit and reputable antivirus protection with active subscription to protect your PC from any forms of cyberattack.
Further readings: