On Sept. 22, 2016, Yahoo Inc. confirmed that 500 million email accounts had been compromised in a 2014 hack. This is currently one of the largest cyber security breaches ever recorded. Personal information including names, email addresses, phone numbers, dates of birth, passwords, and encrypted security questions and answers were stolen in the breach. Initial reports show no evidence that payment card or bank data was lost.
Yahoo, who discovered the breach while conducting an internal investigation, says the attack was done by a “state-sponsored” hacker, meaning that the cyber thief was likely acting on behalf of a government. Yahoo is working closely with the authorities, and affected users are being notified.
If You’ve Been Hacked
Anyone affected by the hack or who has not reviewed his or her Yahoo account since 2014 should change his or her password and security questions immediately. To further secure all of your online accounts, it’s important to do the following:
- Change your passwords. Oftentimes a company won’t be able to tell you that your information has been compromised until it’s too late. To protect yourself and your personal information, it’s important to change your password often. That way, even if you are hacked, your old password will be of no use to a cyber criminal.
- Avoid using the same password more than once. Using the same password across multiple accounts is common, but this is a dangerous practice. This is because if a hacker is able to get his or her hands on just one of your passwords, he or she can use it on other accounts, increasing the potential for lost information.
- Create complex passwords. Complicated passwords are harder to guess. As such, avoid common phrases, names or clichés. If possible, use a mixture of numbers, letters and special characters.
- Update security questions. As was the case with the Yahoo breach, security questions can be stolen by cyber criminals. Because of this, it’s important to update security questions often to avoid getting hacked.
To read Yahoo’s official press release on the hack and to learn more about what to do if you’ve been affected, click