The ghost of data breaches is coming back to haunt companies like Facebook, LinkedIn, Twitter, and the culprits are putting up the user information for sale.  The recent victim being the web giant Yahoo, as they confirmed that personal information of half a billion users has been compromised. More than its user the biggest victim is Yahoo itself, because this comes at a time when Verizon was all geared to buy Yahoo. 

“This is massive,” said cyber security expert Per Thorsheim on the scale of the hack. “It will cause ripple online for years to come.”

Upon investigation Yahoo found no evidence of state-sponsored actor in their network, but they believe it’s an act of an individual on behalf of the government, and this must have occurred sometime in late 2014.  In the wake of the data breach, Yahoo has urged its user to change their login credentials if they notice any suspicious activity.

Yahoo in a statement said. “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” 

I was thinking if Yahoo’s statement downplays this breach to be not so fatal like “dark web”. What is dark web? Well! For the past couple of weeks, the cyber securities across the world are going berserk, as they see new collections of stolen data almost on a daily basis. This data is sold for a few thousand dollars on the dark web, and behind each sale, there stands, one pseudonym: “Peace-of-Mind”.

Things to do

How do you know if your account is compromised? As soon as you log on to Yahoo, it will prompt you to enter a new password. Change it if you have used the same password on other accounts.

Be Alert

Yahoo has not mentioned clearly what to look for as suspicious, but has urged the users to go through their outgoing emails, and if you see anything fictitious, change everything related to your credentials.

Careful about Links

When you see a link on emails be extra careful about clicking or opening it, even if it is coming from a legitimate place like your bank. Restrain from sharing any account information over email.

Account Key

Enabling this will eliminate the need to remember the Yahoo password. If you are using a Yahoo Android or iOS app- go to your profile->select account key, so each time Yahoo will send you a confirmation when you try to log in. Users can also enable this feature on the web browser.

Two Layer authentication

Having a password alone is not a strong line of defense, you need to add a second layer of authentication, like a one-time text on your mobile. This will secure your online account. Yahoo has recommended it’s users’ to turn on this authentication feature.

While this is certainly an extra protection to secure your account, and you will not have to worry next time a massive data breach happens.

Similar Posts:

No similar blogs