It has been described as possibly the largest data hack of all time. On Sept. 22nd, 2016, Yahoo Inc. confirmed that 500 million accounts had been compromised in a 2014 hack. This massive data breach was discovered while Yahoo was conducting an internal investigation. Yahoo claims this was an attack carried out by a “state-sponsored” hacker, meaning the cyber thief was likely acting on behalf of a government.
This discovery of the hack has come at a terrible time for Yahoo and will prove to be costly as they are currently in the midst of a multi-million dollar acquisition from telecommunications company Verizon. This also raises a number of questions about how companies can protect themselves and their customers against the risk of cyber-attacks.
If you have been affected by the hack or have a Yahoo account and have not reviewed your account information since 2014, you need to change your password and security questions immediately. The following are extra precautions you should take to ensure the security of your data:
1. Change all your passwords. Even on accounts not associated with your Yahoo account. This is why it is important to not use the same password for multiple accounts. Oftentimes a company will not be able to tell you your information has been compromised until it is too late.
2. Avoid using the same password more than once. Further elaborating on the above point; although it is convenient to have one password to remember and use across all accounts, this is dangerous and puts your information at risk. If a hacker is able to get his or her hands on just one of your passwords, he or she can use it to access all your other accounts, increasing the chances for lost information.
3. Create complex passwords. Complicated passwords are not as easy for hackers to figure out. Avoid common phrases, names or clichés. If possible, use a mix of letters and numbers as well as special characters.
4. Update security questions. Another major thing to note with this Yahoo breach is not only information was stolen but also the security questions and their answers. If you have been affected by this breach you need to update the security questions for other accounts in case you used common questions across all accounts.
A password can be changed, after all, but how do you reset your mother's maiden name?