Open in app

Sign in

Write

Sign in

Yahoo finally owns up to the breach of the personal account data of at least 500 million users. What you need to know to secure your account.

ldstephens
2 min readSep 22, 2016

Here’s the confirmation of the breach according to Yahoo’s Account Security Issue FAQs page:

We have confirmed, based on a recent investigation, that a copy of certain user account information was stolen from our network in late 2014 by what we believe is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected.

As part of the Account Security Issue FAQ Yahoo walks you through exactly what you need to do to secure your account and private information including:

  • What happened?
  • Was my account affected?
  • Is the state-sponsored actor still in Yahoo’s network?
  • What information was stolen?
  • What is a “hashed password”?
  • What is “bcrypt”?
  • I think I received an email about this issue. How do I know that it is really from Yahoo?
  • What is Yahoo doing to protect my account?
  • How do I change my password or disable security questions and answers?
  • Is there anything I can do to protect myself?
  • What additional steps can I take to protect my information?

When I went to change my Yahoo password earlier today, I found that when you attempt to sign in you are prompted to change your password or to set up a Yahoo Account Key to stop using passwords. The process also offers you the opportunity to change or delete your security questions. My personal choice was to delete my security questions and use the Yahoo Account Key in place of a password. You’ll need to decide which option will work best for you.

I hope this information has been helpful.

Security
Yahoo
Privacy
Tech
News

--

--

ldstephens

Written by ldstephens

2.8K Followers

I'm ldstephens, a tech blogger since 2015, sharing my insights on Apple and general tech news. Subscribe: https://ldstephens.medium.com/subscribe

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams