Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Yahoo gets hacked again, but what can you do?

Yahoo gets hacked again, but what can you do?

login and password

Online security is a tricky business, and one that’s dominated by a single factor. That single factor is money, because while the history of malware started with mostly prank-based or destructive software, for some years now it’s been a matter of cold, hard cash. The ways that the money is generated varies depending on the value of your online data; it’s not just a matter of access to, say, bank accounts or credit cards.

It recently emerged that online services owned by Yahoo! were seriously compromised to the extent that potentially every single Yahoo! account may have been compromised in a significant way. Yahoo! isn’t quite the online powerhouse that it was ten or more years ago, but the chances are decent that you may have had a Yahoo! account, whether for free online email, or any of its subsidiary brands.

The breach itself appears to have happened back in August 2013, and is distinct from a seperate breach that the company disclosed back in September (Yahoo’s data breach may be good for overall security standards) which allegedly saw some 500 million email accounts compromised. What that means is that Yahoo! has been the site of effectively two of the worst security breaches in online history. That’s not an award anyone in business wants to win.

For its part, the company has said that it doesn’t think that personal credit card information was included in the breach, but it does appear that other personal information may have been compromised. That still has value on the darker parts of the web, whether to try to then scam you further down the line, or simply for identity theft purposes.

You could always take the step of deleting your Yahoo! account, but the realistic picture here for a breach that happened three years ago is that whatever damage was going to be done is, in one sense, old news. Any leaked information has probably been sold, possibly multiple times.

It really does highlight a serious issue with breach reporting, simply because a breach of one day is an issue, but a three year breach means that information online may have changed hands multiple times. It’s hardly a ringing endorsement of Yahoo!’s security practices, and certainly if you’re unhappy with the company then you could delete your accounts, but it’s not going to markedly change what’s already happened.

So what can you sensibly do? It should go without saying that if you do have a Yahoo! account, you should at the very least change your password, especially if it’s remained unchanged for the past couple of years.

You should also take the opportunity to audit your other online services, both for passwords and for features such as two factor authentication, in order to lock them down as well as possible. As always, a major breach like this always brings out the chancers as well, so be wary of any automated email that offers to reset your password for you. The odds are just as good that they’re going to try to get access even if you have changed your login details to remain secure.

While Yahoo! maintains that it doesn’t think financial details were compromised, it’s equally a wise step to keep an eye on your accounts for any kind of unusual activity. That won’t always be someone trying to buy a Lamborghini somewhere in the middle of Russia straight away, but could instead be a smaller, hard to notice charge for just a dollar or two to test against it. See something like that on your account, and it’s time to contact your bank to check that your money is still secure.

It’s frustrating that a lot of online security lies beyond our own individual control, but that doesn’t mean there’s nothing you can do for your part to keep your own individual information secure. Governments are still struggling working out how breach reporting in cases like this should work, and we should see some emerging standards for this kind of matter in the coming years.

FacebookTwitterGoogle+Share

Recent News

chomecast

Wi-Fi is nothing new, and for the most part, we just take it for granted, typically with the router supplied by our ISPs doing all the heavy lifting. The routers supplied by most ISPs really aren’t all that great if you crave high performance, but for the majority of consumers they’re suitable, if not exciting…. More 

8thgen

For decades now, if you were buying a PC, you essentially had two choices when it came to the processor that ran it. For the most part, Intel’s processors under various branding such as Pentium or Core were what you were most likely to hit, with rival AMD’s CPUs generally found in lower-cost machines, or… More 

spectremeltdown

Usually when you hear about large scale security problems, it’s because there’s been an obscure exploit of some incredibly complicated code that somebody’s worked out a way around, leading to the need for software patches, or an entirely human error where access was pilfered via purely social means. Hardware flaws that affect computer security aren’t… More 

password

2017 was a year of some very large security breaches across all sorts of companies, from smaller online merchants all the way up to bigger brands, such as the uber-leak that came out of, well, Uber, where a data leak saw the records of some 57 million users worldwide compromised. As such, you would think… More