Back in 2014, Yahoo experienced a serious data breach of millions of its accounts, though it never publically revealed just how many. Today, the company posted an official message on its Tumblr blog, announcing that 500 million accounts were compromised in what the company believes was a “state-sponsored” act.
Yahoo says the information gathered from these compromised accounts includes names, email addresses, telephone numbers, birthdates, hashed passwords, and in some cases encrypted or unencrypted security answers. The company says that the stolen information didn’t include unprotected passwords, credit card, or bank information.
Despite that, because of the nature of the leak, Yahoo is suggesting that affected customers should change their security questions for any accounts that may use the same questions. They’re working closely with law enforcement to determine who was behind the hack, but customers should follow these safety steps to avoid information being used to get into other accounts.
- Change your password and security questions and answers for any other accounts on which you used the same or similar information used for your Yahoo account.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.
- Avoid clicking on links or downloading attachments from suspicious emails.