If you're concerned about the recent hack of Yahoo which compromised 500 million user accounts, here's a basic rundown of the situation and info on what to do moving forward.
1-It’s the largest hack ever of a single site – There have been bigger in the past, Russian hackers stole 1.2 billion accounts in 2014, but this was from multiple sites across the Internet. The 500 million accounts stolen from Yahoo constitute the largest ever theft of user accounts from a single site.
2-It happened in 2014 – There is no federal standard requiring companies to disclose data breaches of this kind. Companies like Yahoo are subject to various disclosure laws depending on the state in which they are located. In 2015, President Obama tried to get Congress to enact a new law requiring companies to report hacks such as this within 30 days, but it has yet to pass. Yahoo claims to have learned of the incident in July.
3- Yahoo is blaming “state sponsored” hackers – This means the company is claiming a level of organization, personnel, and funding that would typically be associated with, say, a North Korea or Russia. This means only a nation with almost limitless resources would be able to pull something of this magnitude off. However, many are claiming the company is just covering for itself as it would be embarrassing if a single, or small group of independent hackers were to blame.
4- Apparently no financial information was stolen – According to the company, the hackers got away with answers to security questions, dates of birth, email addresses, telephone numbers, and easily decrypted passwords. Information like credit card numbers is stored in a different, unaffected system.
5- What does it mean to you? Although no financial information was stolen, you can still be affected in other ways. If you use the same password and security answers for different accounts, someone may be able to use the Yahoo information to get into those. This could include your banking or credit card accounts, and your work email.
This is beyond the embarrassment of someone reading your personal correspondence. If you’ve ever sent account numbers, social security numbers, or kept logins and passwords to other accounts in your Yahoo account, thieves now potentially have access to this information.
Knowing your personal information also makes it easier for hackers to get you to click phishing links in your inbox, or to impersonate an authority from a financial institution you patronize.
Firstly, change your password and security questions. If you use any of these for other accounts, change them too. Going forward, it’s a good policy to use different passwords for every online service you utilize. It also goes without saying that you should avoid clicking links that seem even remotely suspicious.
Taking these actions will help lessen the impact of this data breach in the short term. However, if you want the ultimate in protection going forward, it might be a good idea to take a look at some of our recommended identity theft protection companies.
ID Theft Protection is like a pair of eyes that never close, keeping 24/7 watch online and off to make sure no one is doing anything nefarious with your personal information.
Identity theft protection companies monitor your credit activity and alert you immediately at the slightest sign of anything suspicious, say, if someone applies for a credit card in your name. You’ll be alerted and asked to verify any activity that could be perceived as an attempt to steal your ID.
And in the event your identity is stolen, companies like out advertising partner Identity Guard will spend up to $1 million to rectify the situation.
The massive Yahoo data breach proves just how easy it is for people to get access to your personal information. If you’re interested in an extra layer of protection, it may be a worth it to look into identity theft protection.