Finally moving on from the shock of the Dropbox hack? Sorry, but we have even more bad news to share. Yahoo recently confirmed that at least 500 million user accounts had been stolen in what may be the biggest data breach of all time.
To make matters worse, the Yahoo hack didn’t happen recently. User information was actually compromised back in 2014. What’s even more shocking is that another country may have been behind the attack.
Apparently, a “state-sponsored actor” may be to blame for the Yahoo hacking. What does this mean? Essentially, a foreign country hacked into Yahoo’s systems. People are pointing fingers at the usual suspects: China, Russia or North Korea. Yahoo is currently working with the FBI to get to the bottom of this breach and figure out the who, what, why and how.
What did the hackers steal?
According to a recent statement, the theft may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (mostly bcrypt) and encrypted or unencrypted security questions and answers. The good news is that there’s no evidence that unprotected passwords or billing information was stolen.
Who was affected by the Yahoo hack?
Fortunately, not everyone was affected by the Yahoo hacking. Yahoo uses “hashing” to protect their passwords, meaning it will take hackers a lot of time and computing power to crack them.
But (there’s always a but) many people still use weak, common passwords like “password,” “123456” or “muffin.” Hackers can crack these passwords in no time at all by using computer programs.
What can you do?
If you haven’t already, change your password and security questions and answers. We’re talking ASAP. Even if you think your account wasn’t affected, it’s better to be safe than sorry.
Do you use the same or a similar password for another account? What about security questions and answers? If so, Yahoo recommends updating all of the above too. You don’t want hackers logging into your Amazon account and buying 10,000 emergency inflatable rubber chickens (you never know when one of those will come in handy) or worse.
Also, keep an eye out for any suspicious activity. Beware of any unexpected emails that ask for your personal information or send you to a web page asking for personal information. Yahoo also recommended looking into Yahoo Account Key, an authentication tool that eliminates the need for a password.
As of February 2016, Yahoo had 1 billion monthly active users. Whether or not their reputation as a trusted email provider will take a hit remains to be seen.
With cyber security breaches increasing in frequency, you may be wondering, is my company safe?
We hate to say it, but no company is invincible. Everyone is a potential target of cyber security threats.
So, where does that leave you? Is there anything you can do to protect your data and prevent breaches like Yahoo’s?
Don’t let your data become a sitting duck for hackers. Learn how to adopt a strategic approach to data security by downloading our guide Security, Manageability, and Reliability: The Keys to Safe Data below.