Yahoo! Accounts Hacked Once Again! More Than 1 Billion Accounts At Risk of Identity Theft
Popular website Yahoo has been a victim of another account hack this Wednesday. The hack is said to be the biggest account breach in history, which targeted more than one billion accounts.
Yahoo informed the public that they discovered another account hack, compromising one billion data from one billion Yahoo accounts back in 2013. The company received numerous amount of data back in November, which turns out to be the data retrieved during an account hack in 2013. The hacked data is composed of sensitive and personal information of people such as birthdays, names, passwords, and email account. There are also traces of encrypted passwords and even answers to security questions that have been affected by the hack.
This is not the first time Yahoo has been attacked by hackers. Back in 2012, more than 450,000 accounts have been hacked. The passwords of the affected accounts have been posted online for public to see. Earlier in September, Yahoo also reported that more than 500 million accounts have been hacked. Because of the repeated Yahoo account hacks, Yahoo is advising its users to frequently change passwords to avoid being hacked.
In a statement from Yahoo, the company said that "an unauthorized party broke into the accounts." With the repeated cases of account breach for Yahoo, this goes to shows that the company's security is failing. According to Jay Kaplan, a chief executive in the security company Synack, no one saw any trace of this account hack until now. "What's most troubling is that this occurred so long ago, in August 2013," said Kaplan. He also noted that Yahoo has a long way to go before catching up to these threats.
Yahoo's chief information security officer, Bob Lord, informed that hackers managed to get their hands on Yahoo's source code back in the 2014 attack. He also stated how hackers can access accounts.
A browser cookie is the interaction of a website and the browser. These cookies are stored whenever a user access a website page. These cookies may contain personal information such as accounts and their passwords. Hackers can use these cookies to "create their own cookies." By "forging cookies", unwanted parties can access a website without having to use a user's password. Basically, they are impersonating a person online without them knowing it.
Because of this breach, Verizon Communications are reconsidering to negotiate the terms with Yahoo. Earlier this year, Yahoo reported selling its rights to Verizon Communications for $4.8 billion. This is because the company cannot push through by itself.
In order to protect its users from a future breach and to secure their personal information, Yahoo is advising their customers to change their passwords immediately. Since encrypted passwords and security questions have been attacked, these questions will not work anymore. Yahoo is also advising their customers to add new security questions to secure their accounts.
To prevent any future account breach, regardless of what website will be, here are some tips for protecting personal information on the internet.
Don't reuse passwords. Re-using passwords are increasing the chances of an account hack because these passwords can be retrieved easily by hackers.
Consider using strong combinations for a password. A strong password is composed of twelve characters. Make sure to make it memorable. If not, write it down.
Enable two-factor authentication. The two-factor authentication is a security feature on the internet that requires additional information from the user to enter aside from the usual username and passwords. This is to prevent unwanted parties to access the account.