Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Yahoo gets hacked again, but what can you do?

Yahoo gets hacked again, but what can you do?

login and password

Online security is a tricky business, and one that’s dominated by a single factor. That single factor is money, because while the history of malware started with mostly prank-based or destructive software, for some years now it’s been a matter of cold, hard cash. The ways that the money is generated varies depending on the value of your online data; it’s not just a matter of access to, say, bank accounts or credit cards.

It recently emerged that online services owned by Yahoo! were seriously compromised to the extent that potentially every single Yahoo! account may have been compromised in a significant way. Yahoo! isn’t quite the online powerhouse that it was ten or more years ago, but the chances are decent that you may have had a Yahoo! account, whether for free online email, or any of its subsidiary brands.

The breach itself appears to have happened back in August 2013, and is distinct from a seperate breach that the company disclosed back in September (Yahoo’s data breach may be good for overall security standards) which allegedly saw some 500 million email accounts compromised. What that means is that Yahoo! has been the site of effectively two of the worst security breaches in online history. That’s not an award anyone in business wants to win.

For its part, the company has said that it doesn’t think that personal credit card information was included in the breach, but it does appear that other personal information may have been compromised. That still has value on the darker parts of the web, whether to try to then scam you further down the line, or simply for identity theft purposes.

You could always take the step of deleting your Yahoo! account, but the realistic picture here for a breach that happened three years ago is that whatever damage was going to be done is, in one sense, old news. Any leaked information has probably been sold, possibly multiple times.

It really does highlight a serious issue with breach reporting, simply because a breach of one day is an issue, but a three year breach means that information online may have changed hands multiple times. It’s hardly a ringing endorsement of Yahoo!’s security practices, and certainly if you’re unhappy with the company then you could delete your accounts, but it’s not going to markedly change what’s already happened.

So what can you sensibly do? It should go without saying that if you do have a Yahoo! account, you should at the very least change your password, especially if it’s remained unchanged for the past couple of years.

You should also take the opportunity to audit your other online services, both for passwords and for features such as two factor authentication, in order to lock them down as well as possible. As always, a major breach like this always brings out the chancers as well, so be wary of any automated email that offers to reset your password for you. The odds are just as good that they’re going to try to get access even if you have changed your login details to remain secure.

While Yahoo! maintains that it doesn’t think financial details were compromised, it’s equally a wise step to keep an eye on your accounts for any kind of unusual activity. That won’t always be someone trying to buy a Lamborghini somewhere in the middle of Russia straight away, but could instead be a smaller, hard to notice charge for just a dollar or two to test against it. See something like that on your account, and it’s time to contact your bank to check that your money is still secure.

It’s frustrating that a lot of online security lies beyond our own individual control, but that doesn’t mean there’s nothing you can do for your part to keep your own individual information secure. Governments are still struggling working out how breach reporting in cases like this should work, and we should see some emerging standards for this kind of matter in the coming years.

FacebookTwitterGoogle+Share

Recent News

Closeup of Password Box in Internet Browser

For just about any online service you’d care to name, you’re going to be requested to set up a password in order to securely access those services. This may be for a relatively trivial reason, such as one-time access to a site you’re not sure you’re going to use regularly, or something far more serious… More 

ipod1stgen

While Apple has a history as a computer company that dates all the way back to the 1970s and the original Apple I computer and wildly successful Apple II model that was the favourite of many Australian educational institutions in the 1980s, by the 1990s, the company wasn’t doing so well. Considerably more affordable Windows… More 

freewifi

It’s feasible within Australia to stay connected online for relatively low prices, especially if you make smart use of public Wi-Fi. It’s possible to get online from many public libraries, cafes, shopping centres and popular public locations, where the venue either offers Wi-Fi as a straight service (a la libraries) or as part of a… More 

optusannouncement

Optus recently announced that it was sinking around $1 billion dollars into improving its nationwide mobile telephony network, with a particular focus on improving its regional coverage. That billion dollars will go into 500 new mobile sites across the nation, including 114 on the Federal Government’s Mobile Blackspot program, as well as upgrading more than… More