Thursday, March 28, 2024
HomeThe WebHackingNews: Yahoo Announces New Breach

News: Yahoo Announces New Breach

Yahoo has just posted information concerning a newly found breach of its systems. This hack of Yahoo systems appears to be unrelated to a previously announced breach in September 2016. Yahoo Announces New Breach

security locks meme

According To Yahoo 

This time the Yahoo breach is reportedly affecting an astronomical 1 Billion (yes that is a B in that number) user accounts, as per Yahoo –

  • Based on further analysis of this data by forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts

Per the posting by Yahoo

What happened?

Law enforcement provided Yahoo in November 2016 with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. Yahoo has not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016. We are notifying potentially affected users and have taken steps to secure their accounts, including requiring users to change their passwords. Yahoo has also invalidated unencrypted security questions and answers so that they cannot be used to access an account.

Separately, our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the ongoing investigation, the outside forensic experts have identified user accounts for which they believe forged cookies were taken or used in 2015 or 2016. The company is notifying the affected account holders, and has invalidated the forged cookies. We have connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on September 22, 2016.

Yahoo Announces New Breach

Yahoo reports that they are notifying affected users, and will be posting additional information on the Yahoo website, in addition to securing user accounts by requiring users to change their passwords, and invalidating security questions and answers if they were unencrypted.

What Should You Do Now If You Use Yahoo

Yahoo is advising all its users to do the following

  • Change your password and any security questions/answers you have set up for password recovery on any Yahoo accounts, (AND ALSO!!!!) on any other site that you use the same username/password or security question. So if you have the same info on Google, Social Media (Facebook, Instagram, etc.), Your Bank, or anyone else as you do for Yahoo, you need to go to all those sites and make changes to your information as well.
  • Keep an eye on all your account activity for suspicious activity. That could include emails in the sent box you didn’t write, as an example.
  • Be careful if you receive any unsolicited communications that ask for your personal information or any communications that ask you to go to links they send to update your info.  Just because the email says it’s from Yahoo with a link in it, DOES NOT MEAN ITS legitimate!
  • Avoid clicking on any links or downloading attachments from emails if you are not sure who sent them.  Even if it appears that someone you know sent you an email with a link or attachment if you were NOT expecting it, check with the sender.  Make sure they were not hacked.

If you would like to read the complete security notice post from Yahoo with additional information you can find it here – https://help.yahoo.com/kb/SLN27925.html

Source

anovelo
anovelo
25 Yrs. of professional experience in Technology. Experience with technology implementation and systems management at numerous 5 Star Hotels, and Stadiums across North America. Head of Tech Geek and More since 2009
RELATED ARTICLES

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Popular

Recent Comments