Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  

0330 808 5201
Extended hours, 7 days a week
Home  /  geekspeak  /  Yahoo gets hacked again, but what can you do?

Yahoo gets hacked again, but what can you do?

Online security is a tricky business, and one that’s dominated by a single factor. That single factor is money, because while the history of malware started with mostly prank-based or destructive software, for some years now it’s been a matter of cold, hard cash. The ways that the money is generated varies depending on the value of your online data; it’s not just a matter of access to, say, bank accounts or credit cards.

It recently emerged that online services owned by Yahoo! were seriously compromised to the extent that potentially every single Yahoo! account may have been compromised in a significant way. Yahoo! isn’t quite the online powerhouse that it was ten or more years ago, but the chances are decent that you may have had a Yahoo! account, whether for free online email, or any of its subsidiary brands.

The breach itself appears to have happened back in August 2013, and is distinct from a seperate breach that the company disclosed back in September (Yahoo’s data breach may be good for overall security standards) which allegedly saw some 500 million email accounts compromised. What that means is that Yahoo! has been the site of effectively two of the worst security breaches in online history. That’s not an award anyone in business wants to win.

For its part, the company has said that it doesn’t think that personal credit card information was included in the breach, but it does appear that other personal information may have been compromised. That still has value on the darker parts of the web, whether to try to then scam you further down the line, or simply for identity theft purposes.

You could always take the step of deleting your Yahoo! account, but the realistic picture here for a breach that happened three years ago is that whatever damage was going to be done is, in one sense, old news. Any leaked information has probably been sold, possibly multiple times.

It really does highlight a serious issue with breach reporting, simply because a breach of one day is an issue, but a three year breach means that information online may have changed hands multiple times. It’s hardly a ringing endorsement of Yahoo!’s security practices, and certainly if you’re unhappy with the company then you could delete your accounts, but it’s not going to markedly change what’s already happened.

So what can you sensibly do? It should go without saying that if you do have a Yahoo! account, you should at the very least change your password, especially if it’s remained unchanged for the past couple of years.

You should also take the opportunity to audit your other online services, both for passwords and for features such as two factor authentication, in order to lock them down as well as possible. As always, a major breach like this always brings out the chancers as well, so be wary of any automated email that offers to reset your password for you. The odds are just as good that they’re going to try to get access even if you have changed your login details to remain secure.

While Yahoo! maintains that it doesn’t think financial details were compromised, it’s equally a wise step to keep an eye on your accounts for any kind of unusual activity. That won’t always be someone trying to buy a Lamborghini somewhere in the middle of Russia straight away, but could instead be a smaller, hard to notice charge for just a dollar or two to test against it. See something like that on your account, and it’s time to contact your bank to check that your money is still secure.

It’s frustrating that a lot of online security lies beyond our own individual control, but that doesn’t mean there’s nothing you can do for your part to keep your own individual information secure. Governments are still struggling working out how breach reporting in cases like this should work, and we should see some emerging standards for this kind of matter in the coming years.

Share

Recent News

Every year, the consumer electronics industry depends on Las Vegas, and not for the reasons one might feasibly head to Las Vegas for. OK, to be fair, a certain amount of gambling and drinking does go on, but it’s the backdrop for the Consumer Electronics Show, where the world’s big electronics companies — and thousands… More 

The new year is upon us, and with it, the promise of all sorts of new tech gadgets, with everything from foldable phones to smarter electric cars for sale. Connectivity is the glue that binds those two quite different concepts together, and indeed just about any other technology you’d care to name, because we absolutely… More 

So, what is your password? No, don’t answer that. Really, please don’t. Partly because the whole point of a password should be that it’s a secret known only to you, but also because there’s increasing evidence that we’re still not much better at password security than we were last year. Each year, SplashData (100-worst-passwords-top-50) puts… More 

2018 has been a year marked by some pretty big and significant privacy stories in technology. In one sense, this has been a healthy matter, because it’s made a lot more people aware of what it is they’re sharing online, where their data is tracked and what it’s used for. There’s plenty of data about… More