The Yahoo Data Breaches: What to Do and Who Was Affected

The amount of times Yahoo’s users’ information has been breached has ultimately led to a deterioration of their reputation.

There have been altogether three cyber attacks, the first one taking place on September 16. The second breach occurred on December 16, while the last one occurred in February 2017.

In September 2016, Yahoo stated that the information of about 500 million users was stolen two years earlier. This hack compromised the information of accounts held in Yahoo Mail, Yahoo Finance, Yahoo Fantasy Sports, and Flickr.

The second attack came under the spotlight in December 2016. The hackers had allegedly breached information in August 2013. However, they started publicizing it in December, selling the data of around 1 billion users.

The information regarding the third attack, known as the “Yahoo Mail Login Cyber Attack”, wasn’t disclosed in detail.

Breakdown of the Yahoo Breaches

The Yahoo hack of September 2016 was one of the largest breaches to take place, leaving behind the high-profile data breaches of AOL, Target, Anthem, etc.

In the September 2016 attack, 500 million users experienced a breach of their personal information.

The breached data included names, email addresses, hashed passwords, dates of births, encrypted and unencrypted security questions, and answers. It wasn’t confirmed whether the payment card and bank account details were also hacked or not.

It was rumored that the breach was a state-sponsored act meaning the government hired an individual to hack the company’s account.

The December 2016 attack occurred due to the result of the data breach that took place in 2013. This 2013 attack comprised the personal information of about 1 billion users.

The hackers behind this breach weren’t identified. However, there was some speculation that it was the doing of a certain ‘Group E’ operating out of Eastern Europe. It was confirmed that the data was being sold on the dark web, which was only accessible through specific software.

What’s There to Worry About?

After these attacks, Yahoo users were urged to change their passwords. Even though none of the credit card information was stolen, these data breaches can still lead to identity theft, theft of private records, and other sensitive data.

If you’re still a Yahoo user, it is recommended to change your passwords periodically. The password’s strength should be high, representing both uppercase and lowercase letters, numbers, and special characters.

Furthermore, always use different passwords for different online accounts. This will ensure that in case of a breach of one account, other accounts are not compromised. Make sure all your devices are secured with the help of updated security software. As no financial information was stolen, there isn’t much to panic about.

However, there is one problem, the security questions. The questions are technically the same throughout all the websites. A threat actor could easily use the information to set up automated attacks known as credential stuffing.

The breached data is used to set up a program that allows the hackers to log in to accounts giving them access to their personal information like online banking and shopping.

How Did Yahoo Respond?

The first breach took place in 2014 but came to the company’s attention in September 2016 was blamed on “state-sponsored actor”.

The website advised its users to change their passwords immediately. Moreover, for the convenience of its users, the website even set up FAQs and user-friendly guides on their Yahoo Mail Page.

The company also updated its sign-in page to acknowledge the security issues beforehand.

However, these attempts weren’t enough as the company took a massive security hit just after a few months in December.

This breach that was initiated in 2013 was acknowledged right after the acquisition of Yahoo by Verizon. Verizon stated, ” After an in-depth research and analysis, it was obtained that almost all the Yahoo users were affected by the August 2013 theft”.

Yahoo directly stated that the breach occurred due to the involvement of a third party. The company worked closely with NCSC to obtain more information about the hacking and how it occurred. Until anything else came forward, users were advised to follow Yahoos Safety Center Page instructions.

The Bottom Line

The fact that Yahoo couldn’t detect the breaches and how long it took for them to realize something was wrong indicates the company’s lack of plan and effectiveness.

The Yahoo breaches crisis can be used as a form of a learning experience for other companies, indicating to them what to do and what not to do. If you are a Yahoo user, make sure you follow the tips mentioned above and enable two-factor authentication.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.