From 1 Billion Compromised to 3 Billion? Yep, it's true. The Yahoo! Breach
Your Yahoo account was definitely hacked-here's what happened and what to do
A massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting every last user, all 3 billion of them. Parent company Verizon Communications Inc. disclosed this news earlier today, Tuesday, October 3, 2017, according to the Wall Street Journal.
Here is Insight from Matt O'Brien, AP Contributor for WRAL: Yahoo: 3 billion accounts breached in 2013. Yes, 3 billion
"Whether it's 1 billion or 3 billion is largely immaterial. Assume it affects you," Curry said. "Privacy is really the victim here."
Yahoo first disclosed the breach in December . The stolen information included names, email addresses, phone numbers, birthdates and security questions and answers.
Following its acquisition by Verizon in June, Yahoo says, it obtained new intelligence while investigating the breach with help from outside forensic experts. It says the stolen customer information did not include passwords in clear text, payment card data or bank account information.
Yahoo had already required users to change their passwords and invalidate security questions so they couldn't be used to hack into accounts.
The disclosure is also a huge embarrassment for Verizon, which has just started running TV ads for its new subsidiary Oath, which will consist of Yahoo and AOL services.
Verizon spokesman David Samberg said the company has no regrets about buying Yahoo, despite the latest revelation.
Companies often don't know the full extent of a breach and have to revise statements about how it affects customers years later, said Ben Johnson, co-founder and chief technology officer for Obsidian Security, based in Newport Beach, California. Johnson said Yahoo might never know exactly what was accessed.
"The fact is attackers are having field days and the problem is only going to get worse," he said.
What This Means For You, Your Business, and Your Data Privacy
As always, remain diligent and change your password every 30 days, install the latest updates and firmware, use end-to-end encryption, and lead from the front. For example, if you are a C-Level executive going to work tomorrow, make your team aware and take the necessary precautions to avoid disaster.
Does This Have Anything To Do With Equifax?
While I'm not certain, one can only assume the timing of the equifax breach disclosure and Yahoo! breach disclosure involve similar security flaws which have since been patched in most systems.
If you are reading this right now, make sure you are up-to-date with your mobile phone operating system (whether it is the iOS 11.01 update or Android update) and computer operating system. This also goes for Windows and Mac owners.
If you are reading this right now, make sure you are up-to-date with your mobile phone operating system (whether it is the iOS 11.01 update or Android update) and computer operating system. This also goes for Windows and Mac owners.
Final Thoughts:
The recurring cyber incidents pose serious concern for both business owners and lawmakers. Luckily there is legislation in place to facilitate the protection of your data but the only way to ensure your own safety when browsing the web is to know what you are doing. It's no longer safe to click links in my opinion unless you know you're operating in a safe environment.
I always recommend you comply with the General Data Protection Regulation (GDPR) if you are operating in a business environment. If you are an end-user (i.e. Student), I recommend you identify the top sites you browse, bookmark these sites, and go to no other website unless you put the page through a security engine. These cyber incidents are much more serious than many can fathom, but if you follow my recommendations, you are much less susceptible to having your data compromised.
