Yahoo’s new parent company, Verizon, reported this week that all 3 billion user accounts were likely compromised in the 2013 data breach. Previously, the company reported that the breach affected 500 million and then changed that number to one billion. Information that was stolen includes names, phone numbers, and dates of birth, passwords and answers to security questions.
The breach doesn’t just affect your Yahoo account. This information is called Personally Identifiable Information (PII) and can be used to reset current passwords, apply for credit and loans, and even open up new accounts in your name. If you had a Yahoo account in 2013 here’s what you need to do.
Check your online accounts
Take some time to browse your online accounts to ensure none have been compromised or had unusual activity. You may want to change your security questions and answers, too. Yahoo has invalidated their unencrypted security questions and answers but if you use the same security questions for other sites you will have to change those yourself.
Change your passwords
If your password was stolen in the 2013 breach it is likely that you have used that password for other logins. Keeper conducted a detailed survey of 1,000 smartphone users to determine how they protect their devices and sensitive data. Our findings indicated that password reuse across different applications is frequent, average password strength for mobile applications and websites is low and that most users rarely changed passwords.
Reuse of the same password across multiple applications is quite common, with nearly 84% of users telling us that they access at least two different applications or websites with the same credentials. We commend the 16% who said they never engage in this practice. On the other hand, the 24% who reuse passwords across five or more applications are playing with fire.
Change your passwords now and use unique password for each login.
Enable Two-Factor Authentication
Using Two-Factor Authentication, or 2FA, links your online account to a physical device, such as your phone, which makes it more difficult for a hacker to login to your account from a remote location. When you activate 2FA and attempt to login you will receive a verification code to your device and be required to enter it before gaining entrance.
Don’t Click Suspicious Links
Hackers will capitalize on this breach by attempting to send you unsolicited communications that ask you for personal information, refer you to a web page asking for personal information, and even appear to originate from Yahoo. Avoid clicking links or downloading attachments from suspicious emails.
Even though this breach happened in 2013 it is important to follow these steps. The fallout from the Yahoo breach will be felt for a long time so being proactive helps eliminate any risks to your future digital life.
Not yet a customer? Download Keeper Password Manager and Digital Vault now.