Prilock Security Training Blog

Securing Digital Lives

Yahoo hack: Here’s how to protect yourself

Earlier this week it was revealed that hackers managed to steal the private data from some 500 million Yahoo accounts.

The tech giant, now under pressure to explain how the 2014 cyberattack occurred and why it has only just come to light, has said the attack could have been state-sponsored.

 

 

Yahoo has confirmed the attack, which is believed to be the biggest of all time, contained information including customer names, birthdates, hashed passwords, and even security questions and answers.

The US tech giant said the stolen data did not include credit card, bank details or any unprotected passwords.

What should you do now?

If you use a Yahoo account, you are probably wondering where the data breach leaves you and what you should do next in order to prevent your private data getting into the hands of cyber criminals.

Your first step should be to change the password on your Yahoo account.

However, this probably isn’t enough, with Yahoo also urging account holders to change their passwords on any linked accounts from sites such as Yahoo sports, Tumblr and the photo sharing site Flickr.

Yahoo says changing your password is particularly important if you haven’t updated it since 2014.

Perhaps more importantly, you should also change your password if you have used the same password across multiple online accounts.

Yahoo has said it is in the process of contacting any users who could be at risk following the attack. Even if you are not contacted by Yahoo, it is still advisable to update your login credentials.

Why is the 2014 cyber attack only coming to light now?

Yahoo is yet to give any official statement on why it has taken almost two years to tell users their email accounts may have been hacked. The true reason could be that Yahoo has only just found out about the hack, although there has been speculation dating back months that the company had been targeted.

Therefore, the question has to be asked why Yahoo didn’t warn users as a precautionary measure that an attack may have taken place and urge them to change their passwords.

Who is responsible?

It is not known who carried out the attack or why.

Yahoo has said the attack was “state-sponsored” but is yet to publicly present any evidence for this, or say which state may be responsible or why.

Critics have said that Yahoo is using the state sponsored line as a way of trying to divert attention from the fact that its security has been breached.

Are users still at risk?

If you make sure you change your password, then you should be OK. With that being said, it is impossible to say just how greater risk this hack poses to users.

Yahoo has said there is no evidence that those responsible for the attack still have access to Yahoo’s systems but this is unlikely to reassure the majority of users, whose primary concern will be the loss of their personal and the fact that this could be in the hands of cyber criminals.

Yahoo hack: Here’s how to protect yourself, and why it may affect you even if you don’t have a Yahoo account

Update your password immediately.

Follow Yahoo’s advice and don’t waste any time in updating login credentials.

Update your password on other online accounts

If you have made the mistake of reusing the same password across multiple online accounts then you need to update

Choose strong passwords

You need to ensure that no one can easily guess your password and make sure you use different passwords across all your accounts.

Use lower and upper case letters, numbers, and symbols

Avoid using full words and instead think about creating passphrases that also include upper and lowercase letters, symbols and numbers. Don’t use things like the name of your pet followed by the year you were born!

Regularly change your passwords

Get into the habit of updating your passwords, especially if you hear about a suspected data breach.

Find the Original Article Here