by Elizabeth Weise …..
Yahoo said Thursday an investigation had confirmed information associated with at least 500 million user accounts was stolen from the company in late 2014, but only recently revealed.
Yahoo users and others should immediately take steps to protect themselves, and stay vigilant for attempted add-on attacks in the coming days and weeks.
Yahoo also owns the photos sharing site Flickr and the blogging platform Tumblr. No Tumblr accounts were affected. However, some Flickr accounts might have been, as in some cases user’s Flickr and Yahoo IDs are linked. Yahoo is reaching out to those users.
Yahoo has 1 billion people globally who engage with one of Yahoo’s properties each month.
Change passwords, security questions
Yahoo said it was taking steps to secure their accounts. That included invalidating unencrypted security questions and answers so that they could not be used to access an account. Yahoo will also ask potentially affected users to change their passwords.
Yahoo users who haven’t changed their passwords since 2014 especially should immediately change not only their passwords but also their security questions, the company said.
Review non-Yahoo accounts
In addition, users need to think about passwords and security questions from other accounts on which they gave the same or similar information used for their Yahoo account and possibly change them as well.
Once hackers have access to ID and password information for one system, they routinely try the same combination against multiple other platforms to see which ones work, an easily automated process.
Users should avoid clicking on links or downloading attachments from suspicious emails that claim to be updates from Yahoo or others about the breach.
Hackers often use news of big breaches to conduct “phishing” campaigns, sending official-looking emails that make it seem as if Yahoo or other legitimate services are asking them to supply information or click through to a link to repair any damage — something legitimate services will not do.
When in doubt, call or email the company that appears to be sending the message separately, don’t go through the email you’ve been sent.
Yahoo users should be cautious of all unsolicited communications that ask for personal information, the company said.
Finally, all users should review their online accounts for suspicious activity. That includes banks, credit card companies and hotel and airline loyalty programs.
Please Subscribe on our Home Page to receive updates as soon as they are published.
And please feel free to comment below, or visit our “Comments and Discussion” page and tell us what you think.
For data source please write the editor.