As Yahoo poises to sell up to Verizon, it may have some bad news to share.
Yahoo is poised to confirm a massive data breach of its service, according to several sources close to the situation, hacking that has exposed several hundred million user accounts.
While sources were unspecific about the extent of the incursion, since there is the likelihood of government investigations and legal action related to the breach, they noted that it is widespread and serious.
Earlier this summer, Yahoo said it was investigating a data breach in which hackers claimed to have access to 200 million user accounts and was selling them online. “It’s as bad as that,” said one source. “Worse, really.”
This summer a hacker calling themselves “Peace” was reportedly trying to sell 200 million Yahoo usernames, passwords and dates of birth on dark market websites.
What we don’t know is whether the alleged stolen login credentials were collected through phishing attacks, a breach at a different site where Yahoo users were using the same passwords), or a serious security breach at Yahoo itself.
Of course, we have to wait to see if Yahoo does make an announcement about a hack or not, and if they do what the nature of the claimed data breach might be. Until then, there’s a lot of speculation.
As before, my advice to Yahoo (and other internet) users is that your online accounts will be a whole lot safer if you have not made the mistake of reusing passwords between different sites, and have enabled two-step verification.
If a massive Yahoo hack is confirmed there will inevitably be many people quick to blame the firm for exposing their information. Not to pass the buck, but everyone going online today needs to be sensible about their security and take the necessary precautions and steps to reduce the chances of their own accounts being compromised.
Even if this current scare ends up not impacting your account, there is always the danger that you could become a victim in the future.
Read more about two-step verification:
- Two-factor authentication (2FA) versus two-step verification (2SV)
- How to better protect your Facebook account from hackers
- How to better protect your Twitter account from hackers
- How to enable two-step verification (2SV) on your WhatsApp Account
- How to protect your Amazon account with two-step verification (2SV)
- How to better protect your Google account with two-step Verification (2SV)
- How to protect your Dropbox account with two-step verification (2SV)
- How to protect your Office 365 users with multi-factor authentication
- How to protect your Microsoft account with two-step verification (2SV)
- How to better protect your Tumblr account from hackers with 2SV
- How to protect your LinkedIn account from hackers with two-step verification (2SV)
- How to protect your PayPal account with two-step verification (2SV)
- How to protect your Yahoo account with two-step verification (2SV)
- How to protect your Apple ID account against hackers
- How to better protect your Google account with two-step verification and Google Authenticator
- How to protect your Hootsuite account from hackers
- How to better protect your Instagram account with two-step verification (2SV)
- Instagram finally supports third-party 2FA apps for greater account security