Yahoo has just announced that at least 500 MILLION Yahoo accounts have been hacked, which apparently happened back in 2014. (Thanks for warning us, Yahoo.)
We’re not the first to report this, but the news just broke today and we are strongly recommending that anyone with a Yahoo account change your password immediately, even if you haven’t logged into Yahoo in years. The details are still coming in, but so far there is no indication that credit card data or other financial information was stolen, although user names, passwords, security questions and other personal information such as birthdays may very well have been taken, also. The biggest risk is most likely the fact that people might be using the same password for Yahoo that they are using for other websites, such as their online banking or credit card purchases. So, if you want err on the side of caution, we suggest changing your account password on Yahoo and any other websites where you were using the same password.
Of course, on whatever website you are on as a user, you should feel secure. Unfortunately, hackers were able to get into Yahoo, but other websites are taking more precautions now than ever before to maintain users’ security. Services offered from companies like Castle include risk-based authentication to analyze any anomalies and non-human user activity. Companies can use these services to take the stress off users to try and protect their accounts with complicated passwords, and the frustration that can come for business owners with angry and hacked users. You can learn more at https://castle.io/product/risk-based-authentication/.
How do I pick a good password? That’s a very common question, and the answer is mostly common sense. First of all, the longer it is, the better, with a minimum of 8 characters – this is no time to be lazy. Do not use common names or dictionary words, for one thing. That is the first thing that hackers try when they perform a brute force attack with millions of combinations of numbers and letters. Use upper case and lower case letters, mix in some numbers and then throw in at least one special character (like $ or % or *). A popular way of coming up with a secure password is to use the first letter from each word in a sentence or phrase that you will find easy to remember. For example, the phrase “I saw Paul Simon in concert back in 1987!” would translate into the password IsPSicbi1987!. That’s probably not going to be an easy password to hack, one would think…
There are other measures that you can take in order to be even more secure, such as two-factor authentication, but for now you should start by changing your Yahoo password ASAP. Also, be sure to check your security questions and change them, plus make sure that you are not using those security questions anywhere else (which you probably are).
These articles will offer more information and safety tips that you can follow up on later:
- ZDNET: http://www.zdnet.com/article/how-to-protect-your-busted-yahoo-account/
- CNN: http://money.cnn.com/2016/09/22/technology/yahoo-data-breach/
- TIME: http://time.com/4504901/yahoo-hack-passwords-logins/
- CNET: https://www.cnet.com/news/yahoo-500-million-accounts-hacked-data-breach/
We will end this post with the same tagline that we end just about every blog post with: Let’s be careful out there!
-The PJ Networks Team
