Friday 23 September 2016

Are you a Yahoo user? Do this right now

Yahoo user

Yahoo's massive data breach could affect hundreds of millions of users. USA TODAY

SAN FRANCISCO — Yahoo said Thursday an investigation had confirmed information associated with at least 500 million user accounts was stolen from the company in late 2014.
Yahoo users and others should immediately take steps to protect themselves, and stay vigilant for attempted add-on attacks in the coming days and weeks.
Yahoo also owns the photos sharing site Flickr and the blogging platform Tumblr. No Tumblr accounts were affected. However, some Flickr accounts might have been, as in some cases user’s Flickr and Yahoo IDs are linked. Yahoo is reaching out to those users.
Yahoo has 1 billion people globally who engage with one of Yahoo's properties each month.
Yahoo breach:
“I've actually changed my password since this breach in 2014, but regardless I'm never happy to hear about something like this,” said Mike Rhode of Arlington, Va., a user of Flickr and Yahoo Groups. “However, as a long term employee of the Federal Government, I've had my data compromised twice, and have largely resigned myself to this type of issue being an ongoing problem in today's world.”

Change passwords, security questions

Yahoo said it was notifying potentially affected users and taking steps to secure their accounts. That included invalidating unencrypted security questions and answers so that they could not be used to access an account. Yahoo will also ask potentially affected users to change their passwords.
Yahoo users who haven't changed their passwords since 2014 especially should immediately change not only their passwords but also their security questions, the company said.
Users should also consider enabling two-step authentication on their Yahoo accounts, to provide an extra and very strong level of security. This form of verification sends a text message or call to the user's phone with a code as a second verification step. The code which must be typed in before the account can be opened.

Review non-Yahoo accounts

In addition, users need to think about passwords and security questions from other accounts on which they gave the same or similar information used for their Yahoo account and possibly change them as well.
Once hackers have access to ID and password information for one system, they routinely try the same combination against multiple other platforms to see which ones work, an easily automated process.
Users should avoid clicking on links or downloading attachments from suspicious emails that claim to be updates from Yahoo or others about the breach.
Hackers often use news of big breaches to conduct "phishing" campaigns, sending official-looking emails that make it seem as if Yahoo or other legitimate services are asking them to supply information or click through to a link to repair any damage — something legitimate services will not do.
When in doubt, call or email the company that appears to be sending the message separately, don't go through the email you've been sent.
Yahoo users should be cautious of all unsolicited communications that ask for personal information, the company said.
Finally, all users should review their online accounts for suspicious activity. That includes banks, credit card companies and hotel and airline loyalty programs

No comments:

Post a Comment