Yahoo has just posted information concerning a newly found breach of its systems. This hack of Yahoo systems appears to be unrelated to a previously announced breach in September 2016. This time the Yahoo breach is reportedly affecting an astronomical 1 billion (yes, that is a B in that number) user accounts. As per Yahoo:
Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.
Per the posting by Yahoo:
Law enforcement provided Yahoo in November 2016 with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. Yahoo has not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016. We are notifying potentially affected users and have taken steps to secure their accounts, including requiring users to change their passwords. Yahoo has also invalidated unencrypted security questions and answers so that they cannot be used to access an account.
Separately, our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the ongoing investigation, the outside forensic experts have identified user accounts for which they believe forged cookies were taken or used in 2015 or 2016. The company is notifying the affected account holders, and has invalidated the forged cookies. We have connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on September 22, 2016.
Yahoo reports that it is notifying affected users and will be posting additional information on the Yahoo website, in addition to securing user accounts by requiring users to change their passwords and invalidating security questions and answers if they were unencrypted.
What Should You Do Now If You Use Yahoo
Yahoo is advising all its users to do the following:
- Change your password and any security questions / answers you have set up for password recovery on any Yahoo accounts, (AND ALSO!!!!) on any other site where you use the same user name / password or security question. So if you have the same info at Google, social media (Facebook, Instagram, etc.), your bank, or anywhere else as you do for Yahoo, you need to go to all those sites and make changes to your information as well.
- Keep an eye on all your accounts for suspicious activity. That could include, as an example, emails in the sent box that you didn’t write.
- Be careful if you receive any unsolicited communications that ask for your personal information, or any communications that ask you to go to links they send to update your info. Just because the email says it’s from Yahoo with a link in it, DOES NOT MEAN IT’S LEGIT!
- Avoid clicking on any links or downloading attachments from emails if you are not sure who sent them. Even if it appears that someone you know sent you an email with a link or attachment, if you were NOT expecting it, check with the sender. Make sure they were not hacked.
If you would like to read the complete security notice post from Yahoo with additional information, you can find it here – https://help.yahoo.com/kb/SLN27925.html