Yahoo Now Says 3 Billion User Accounts Were Hacked In 2013 Data Theft
Yahoo has had its fair share of data breach issues in recent years, and its most notable incident, the monstrous 2013 data breach that was reported to give hackers access to data from one billion accounts, was actually underestimated. The company now believes all three billion of its user accounts at the time were affected by the hack, according to an announcement1 on October 3rd, 2017. To be clear, this is not a new hack, just an update on the figures of the 2013 hack. Yahoo is basing the updated information on new intelligence and further investigation into the breach. New email notifications are being sent to the remaining affected user accounts, Yahoo claims. Yahoo’s 2013 breach involved sensitive user information such as:
- Telephone numbers
- Security questions and answers
Considering how similar many security questions are on websites across the internet, this made the breach even worse.
The Equifax Hack: What You Need To Know
Yahoo isn’t the only company announcing an increased number of hacked accounts in recent days. Equifax also recently confirmed2 that an additional 2.5 million additional U.S. customers were “potentially impacted” by the firm’s recent data breach. The review also determined that roughly 8,000 Canadian consumers were affected by the breach. We offered further information in the aftermath of Equifax’s breach, and that advice still stands.
How To Protect Your Hacked Accounts
So, what do you do if you have a Yahoo or Equifax account? Although your information has been exposed, there are a number of steps you can take to safeguard your accounts and regain control.
Change Your Password
If you have a Yahoo account, you’ve likely changed your password since then, possibly even a number of times. But if you haven’t, or if it will make you feel more secure, it makes sense to change your password once again. Further information on the hack and subsequent responses can be found on Yahoo’s 2013 Account Security Update FAQs page.3
Add Two-Factor Authentication
Both Yahoo and Equifax offer their customers two-factor authentication, which means that when they log into their accounts, the companies will send passcodes to their mobile devices. Not only will the customer need their username and password to log in, but also this passcode, which prevents unauthorized access. Even better is multi-factor authentication, which requires fingerprint or face ID in addition to written credentials.
Change Your Security Questions
Along with your password, change your security questions and answers, ideally making them unique to your Yahoo or Equifax accounts. Try to make the questions surround something that only you know and something that’s not available anywhere else online. For example, you shouldn’t use the question “What is your mother’s maiden name?” if your mother’s Facebook page displays this information.
Install Identity Theft Protection
Finally, as a safety net, we recommend that you subscribe to any identity theft protection service that will monitor multiple areas for your personally identifiable information, such as:
- Dark web
- Credit bureaus (including Equifax, TransUnion and Experian, which has its own identity
- theft protection service called Experian IdentityWorks)
- Sex offender registries
- Tax returns
- Bank account takeovers
- Pay-day loan requests
The service will also monitor other key criminal and financial areas. Most of these services also include identity theft insurance with maximum reimbursements of $1 million. While no service can guarantee detection or prevention of identity theft, the insurance will help you recover any lost funds and restore your identity.
SEC. (2017). Yahoo Provides Notice to Additional Users Affected by Previously Disclosed 2013 Data Theft.
Equifax. (2017). Equifax Announces Cybersecurity Firm Has Concluded Forensic Investigation Of Cybersecurity Incident. investor.equifax.com/news-and-events/press-releases/2017/10-02-2017-213238821
Yahoo. (2013). Yahoo 2013 Account Security Update FAQs. help.yahoo.com/kb/account/SLN28451.html?impressions=true