One of the widely used web based email services used has been confirmed to be hacked. At least 500 million accounts was hacked in 2014 and was leaked yesterday.
It has been advised to those who have yahoo email accounts to change their password as soon as possible. Yahoo is there by alerting affected users in the breach but it’s not advisable to wait to be alerted to change your password.
Yahoo is thereby investigating these data breach with law enforcement agency and they have the notion that credentials such as users’ names, email addresses, dates of birth, phone numbers, passwords, and in some cases, encrypted and unencrypted security questions-answers were stolen from millions of Yahoo users.
Currently it’s believed this breach is from a “State-Sponsored Actor” According to Yahoo release detail.
A recent investigation by Yahoo! Inc. has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected. Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network. Yahoo is working closely with law enforcement on this matter.
These are the best precaution measures to use when changing your password;
- Use strong passwords.
- Enable two-factor authentication on your yahoo account.
- Change password on other sites that was previously used in your yahoo account.
- Do not ever use the same password as you do in other sites
Hope these helps. Let us know what you think by commenting below the comment section.