500 Million Yahoo Accounts Hacked, Change Passwords Now
Yahoo confirmed that information was stolen from at least 500 million user accounts in 2014. Although information was leaked earlier today, it is worse than we originally thought. If you have a Yahoo account, it’s time to change your password.
Yahoo is notifying potentially affected users right now, but the information accessed by what they call “government-sponsored” includes a ton of personal information, although thankfully there was no access to credit card numbers or bank account information. Here’s what Yahoo released today :
A recent investigation by Yahoo! Inc. confirmed that a copy of certain user account information was stolen from the company’s network at the end of 2014 by what she believed to be a government-sponsored entity. Account information could include names, email addresses, phone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. Ongoing investigation suggests the stolen information did not include insecure passwords, payment card details, or bank account information; payment card details and bank account information are not stored on the system, which the investigation found was affected. Based on an ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts has been stolen, and the investigation has found no evidence that the government-sponsored entity is currently on the Yahoo network. Yahoo is working closely with law enforcement on this matter.
Instead of waiting for a confirmation email from Yahoo to confirm that your information was used in this leak, it’s best to change your password now. Use strong passwords , get a password manager, and don’t use the same password as for other sites. Also now is a good time to enable two-factor authentication on this Yahoo account .