Cyber attacks happen on a regular basis and we usually do not hear about them unless they are big or have affected many people in the process. Well, the biggest breach in history just happened to Yahoo. It is possible that up to one billion user accounts were affected, which is unprecedented.
The Reveal of the Breach
Yahoo revealed the breach on December 14th via Tumblr. They said that they believe the breach occurred in August of 2013. This is not the first time that Yahoo has experienced a breach. In fact, they had a data breach in 2014 but they believe that the two breaches are unrelated. Yahoo revealed the 2014 breach in September of this year and that breach is thought to only have affected 500 million accounts, half of what is expected with this latest breach. The discover of the 2014 breach did lead the company to discover this breach as part of the investigation. Yahoo believes that the attackers accessed their proprietary code and learned how to forge cookies so they could gain access to the system.
The Information Believed to Have Been Taken
There is a lot of information that can be placed in Yahoo accounts but the chief information security officer, Bob Lord, says he believes that quite a bit was taken during this breach. So far, they have been able to confirm that names, telephone numbers, email addresses, dates of birth, and even hashed passwords were taken. They have even found that it is possible that encrypted and unencrypted security questions and answers were accessed. The company does think that bank account information as well as payment data was not accessed because it is not stored within the same system. It is stored on its own separate system.
What You Should Do Now
Yahoo is contacting all of the affected account holders that they are aware of. However, even if you are not contacted by Yahoo, there are a few steps you should take to ensure your security. First, you should change your password on your Yahoo account and any other accounts that may have similar passwords. You should also update your security questions and answers on your Yahoo account and any others that may use the same ones. Keep an eye on all of your accounts for any suspicious activity. You should also beware of any communications that you have not initiated. They may come as an email, phone call, social media message, or other channel. If you do get unsolicited emails with links in them, do not click the links. You should never download any attachments unless you are 100 percent sure they are secure and you know where they are coming from.
This is the biggest breach we have ever seen and we will likely see more large breaches as cyber attackers become more savvy and start reaching for larger corporate targets. For more information about how you can protect yourself from cyber attacks, be sure to contact PNJ Technology Partners in Albany by calling them at (518) 459-6712 or reaching out via email at info@pnjtechpartners.com.