Yahoo is facing is a huge security issue as it has already confirmed a massive security breach. Around 500 million Yahoo accounts are hacked around the globe. It is believed to be a biggest digital hack as hackers swiped a lot of personal information from estimated 500 million accounts worldwide. This massive breach actually occurred in 2014 and Yahoo took a long time of two years to inform the world about this issue that is a serious concern in itself. An investigation is going on this and Yahoo is currently blaming state-sponsored actor behind this massive data breach. Yahoo is now asking all the users to change their Yahoo account password and secure their accounts. The reason behind this delayed announcement of the data breach is that this former internet giant was in a deal with Verizon, which agreed to purchase its operating system for worth $4.83 billion dollars in July 2016. Yahoo says that it is working closely with the enforcement of the law in this matter. According to the reports, the state-sponsored actor had stolen the virtual credentials of a user from the Yahoo’s network in 2014. The account information may have included telephone numbers, email addresses, usernames, date of birth, hashed passwords and even encrypted or unencrypted security questions and answers too. However, it is believed that that the financial credentials are safe and not stolen. The ongoing investigation reported that stolen information did not include payment card data, unprotected passwords, and bank account information. Yahoo is currently working with FBI and other law enforcements in this matter.
Yahoo is currently taking a number of steps to tackle this situation. Here they are, as mentioned in the statement:
Yahoo is currently notifying potentially affected user accounts. The content of which will be available at https://yahoo.com/security-notice-content beginning at 11:30 am (PDT).
Yahoo is asking users who are thought to be affected or hacked to immediately change their passwords and accordingly adopt alternative methods of account verification.
Yahoo now invalidated unencrypted questions and answers of security so that they cannot be used to access the account.
Yahoo is recommending to all the users to change their password if they haven’t changed it since 2014.
Yahoo is continuously trying to enhance its system to prevent and detect unauthorized access to user data.
Yahoo is working closely with law enforcements and FBI.
Yahoo has also suggested some measures to be taken by users to protect their accounts:
Change your security questions, answers and passwords for any other account that is associated with Yahoo.
Review your account for any suspicious activity.
Be aware of any unsolicited communication that refers any page or asks for any personal information.
Avoid clicking on download attachments or links attached with any suspicious email.