TechViews News …..
With this latest breach you may be asking, “Am I affected if I don’t have a Yahoo email account?”
Simply put, yes you are. If you have friends or family who use Yahoo, and they communicated with you, then your information is available to the hackers as well.
As emails are transmitted back and forth between service providers, a string of information ‘tid-bits’ in the email headers keep track of all the who-when-where of the process. That’s what all those seemingly meaningless numbers and letters are in the headers. (How to decode an email header will be in an upcoming article).
But what’s key here is what was accessed in the breach. Stolen user data reportedly includes not just the contents of emails, but also account user’s names, email addresses, telephone numbers, dates of birth and passwords.
And you still don’t think a hacked email account is serious? Well, it’s serious enough it exposed corruption and brought down a Presidential candidate.
There are some things you need to do immediately to protect your privacy if you have a Yahoo account:
- Change your Yahoo password AND passwords for other accounts that have that same password. (Many people re-use passwords, which puts multiple accounts at risk in a breach like this.)
- Change your security questions and answers for all accounts.
Better yet ….. Delete your Yahoo account. Don’t walk away…… Run.
It gets even worse …
Yahoo reportedly allowed a US government agency to install a spy tool onto its system so agents could secretly read incoming email.
This is shocking for several reasons:
- The US government could read every incoming email of Yahoo AND non-Yahoo customers, regardless of whether or not they were suspected of wrongdoing.
- The spy tool was actually more like a rootkit that could allow not just the government, but a hacker, unfettered access to user accounts.
- The revelation follows news of the 2014-2015 Yahoo breach, now the second largest in history.
The hacker in the breach also stole email addresses, birthdates, security questions, and even passwords, putting over 1.5 Billion customers at risk for identity theft.
And even worse still …..
Every US-based organization has to comply with government surveillance requests in accordance with the Patriot Act—and they can’t breathe a word about it legally without winning a court challenge.
If your email is provided by Gmail, Outlook or another US-based email service, it’s very possible a US government agency was reading your email in 2015 at the same time it was reading Yahoo email.
The US government could also be reading your email messages right now, but you might never know.
BE SAFE, BACK UP REGULARLY
And don’t forget to take advantage of our FREE subscription to the TechViews.org Newsletter. A must-read if you are interested in Internet Security.