Friday, September 23, 2016

Yahoo Confirms At Least 500 Million Yahoo Accounts Compromised In 2014 Attack

Yahoo has confirmed that at least 500 million Yahoo accounts were compromised in an attack in 2014, leaking customer information like names, email addresses, telephone numbers, birthdates, hashed passwords, and both encrypted and unencrypted security questions and answers. Yahoo does not believe unprotected passwords, payment card data, or bank account information was accessed, as that data is not stored in the system that was hacked. According to Yahoo, account information was stolen by a "state-sponsored actor" and the company is working with law enforcement on a full investigation.  Yahoo will notify all affected users and is asking them to change their passwords immediately if passwords have not been changed since 2014. All compromised security questions and answers have also been invalidated. Yahoo has laid out a set of 
recommendations for all customers who might have had data stolen:

-Change your password and security questions and answers for any other accounts on which you used the same or similar information used for your Yahoo account. 
- Review your accounts for suspicious activity. 
- Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information. 
- Avoid clicking on links or downloading attachments from suspicious emails. 

- Additionally, please consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.

No comments:

Post a Comment