Computer hackers swiped personal information from at least 500 million Yahoo accounts in what is believed to be the biggest digital break-in at an email provider. The massive security breakdown disclosed Thursday poses new headaches for beleaguered Yahoo CEO Marissa Mayer as she scrambles to close a $4.8 billion sale to Verizon. Here’s all you need to know about the hacking attcak and how you can protect yourself.
What got stolen?
Yahoo says ‘account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases encrypted or unencrypted security questions and answers’.
What did not get stolen?
- Unprotected passwords, payment card data or bank account information
- Yahoo claims payment card data and bank account information not stored in system the investigation has found to be affected.
Has Tumblr also been hit?
- Systems from which the data was stolen contained no Tumblr user data at the time of the theft Yahoo has said.
- But it’s always safer to change the password and the account information as well.
What’s the first thing you must do?
- Users need to change their account passwords.
- If you have credit card or bank information linked with Yahoo, it’s time to review that data and secure it as well.
- Yahoo has also begun notifying ‘potentially affected users’ and invalidated unencrypted security questions and answers so they cannot be used to access an account, so you’ll need to change these as well.
- Anyone who has not changed their password since 2014 needs to do it immediately
- When you log in to your Yahoo account you should get the security notice, which will ask you to change to your account security information.
- User should review accounts for suspicious activity. Check if emails have been sent which you didn’t send, monitor your credit card activity as well.
- Ignore mails that ask for your personal information of refer you to a web page asking for personal information. Just mark them as spam.
- Don’t download links or attachments from unknown senders or suspicious email accounts.
- Use Yahoo Account Key to avoid use of password.
Don’t use your password for any other account
If you use a different password for every account you have, then those accounts will stay safe even if one of your online accounts gets comprosmised. If you were to use the same password for every site, one site’s breach can mean trouble.