Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Yahoo’s data breach may be good for overall security standards

Yahoo’s data breach may be good for overall security standards

Yahoo is the latest big tech company to be the victim of a large scale security breach. Although in Yahoo’s case, it’s somewhat broken the scale used to measure such matters. Yahoo has reported that some 500 million user account details, including user names, email addresses, telephone numbers and hashed passwords may have been stolen by what it’s blaming on “state-sponsored” hackers. Yahoo hasn’t named the state in question, but the scale of the attack, if Yahoo’s counting is accurate, puts it in entirely new territory for data breaches.

What should I do if I’ve got a Yahoo account?

If you use Yahoo’s services and have a login account, Yahoo should have contacted you by email to notify you of the breach. The general advice it’s giving is that users should change their Yahoo passwords, especially if that password has remained unchanged since 2014. That’s pretty much security 101, and frankly given the numbers involved, if you’ve got an account it would be extremely wise to change your password and verification details, including any “secret” password questions as soon as you possibly can.

It’s also worth noting — and Yahoo itself admits this — that you should be wary of any emails telling you to click on links to change your password within the email itself. Again the scale and notoriety of the attack means that fake “phishing” emails are an inevitability. Open up a fresh browser window, head to Yahoo, log in there and change your passwords from there. It’s the only way to be entirely sure.

As always, you shouldn’t re-use a password that you use for any other service here. My standard advice remains to use a strong password management application such as Keepass, 1Password or Dashlane to manage your password affairs; they all make it quite easy to generate and store strong passwords for you.

The attack on Yahoo is just the latest in a long string of publicised attacks on large scale Internet companies, even though the actual breach appears to have occurred in late 2014. The issue with this kind of security work is that naturally companies may only know about such breaches long after the event, although it’s not clear precisely when Yahoo knew about it.

If there’s some good that may come out of this, apart from increased awareness of the needs to make sure that you don’t re-use passwords and optimally cycle through strong passwords on a reasonably regular basis, it’s in the manner and style of breach reporting. Again it’s not clear when Yahoo became aware of the breach, but the issue with long standing breaches is that many of us, unaware that personal information may have been leaked, could well continue on oblivious to it. There’s not a whole lot of law that deals with the issues around mandatory reporting of this kind of issue, which means that companies aren’t always compelled to let end users know. Yahoo’s breach is so big, and so wide, that it’s quite likely that the adoption of this kind of legislative framework may have just been accelerated considerably. That won’t solve security issues of actual breaches, of course, but if they’re locked down fast and people know they’ve got to act, everyone stays that much safer after the breach as a result.


Recent News

One of the biggest tech news stories of recent months emerged when the US Department of Justice announced that it’s going to take search giant Google to court, alleging that it has violated antitrust laws in a monopolistic fashion. According to statements reported by the New York Times, “nothing is off the table” in terms

Apple recently launched its 2020 crop of iPhone smartphones, comprising 4 different sizes and models that will become progressively available over the next month or so. The realities of the COVID-19 Pandemic have meant Apple has had to stagger its iPhone 12 launch schedule, with the basic iPhone 12 and iPhone 12 Pro going on

NBN Co recently announced that it’s spending some $3.5 billion dollars to upgrade parts of the nation’s Fibre To the Node (FTTN) network to full Fibre To The Premises (FTTP) over the next 3 years. While the NBN itself has been one massive political football, for better or worse, the practical reality of its near-finished

Virtual Reality, often shortened to VR is one of those “future tech” concepts, along with hoverboards, jetpacks and teleportation that we always seem to be just on the cusp of… but never quite getting there. However, unlike teleportation – which conventional physics suggests might be a bit of a non-starter – or the risky nature

Coronavirus (COVID-19) Update

Learn about the precautions we are taking and our new contactless pick-up and remote service options. Read More
Get help setting up your home office or homework area today. Learn More