Someone has been naughty. Yahoo has been under serious stress this year. Due to a long spiral of economic misfortunes, it begrudgingly decided to put itself up for sale. Out of several suitors, Verizon came out on top with a large offer. Then Yahoo had to clarify that 500 million accounts were hacked way back in 2003. That put tremendous pressure on the purchase offer by Verizon, which had agreed to pay $4.83 billion for the struggling Internet company. Forbes described it as “the saddest $5 billion deal in tech history.”
Last week the second shoe dropped. A disclosure by yahoo that another breach had happened, exposing 1 billion records. It is the single largest data breach in history, surpassing the previous largest breach (also by Yahoo). This latest news will only increase the tension. Verizon had was already seeking to renegotiate its offer. This will further depress the potential valuation.
Sadly, it is the Yahoo account holders who are at the greatest risk. Users have received an email notifying them of the breach, in kind words, and recommending they reset their passwords again. The reality is a significant amount of personal information has been exposed, including phone numbers, passwords, backup email addresses and even security questions. All of which could be used by cybercriminals to the victim’s detriment.
It has been reported that data from these breaches is already available on the darknet, for sale by criminals.
For those who have Yahoo accounts, I recommend you change your Yahoo password and anywhere else where that password was used. Make sure no other sites has your Yahoo email as a backup or listed in the account. Hackers may use it as part of a password reset scheme to get into other sensitive accounts. Never reuse passwords and make sure they are strong and unique. Use a reputable password manger if you need.
I recommend that you quit using Yahoo! Seriously.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
yeah, deleting your yahoo account would probably be best......
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
But remember, just because YOU delete your account, does not mean they actually delete your information in their database. They likely just deactivate it and hide the information from other users. It is still there. If a hacker steals the database, your personal information will be in their hands. So beware all the same.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Sound advice!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I had no idea this still existed. Do people really still use this? What year is it?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
LOL. Well, I was shocked to hear AOL is still alive and kicking. Remember those floppy disks and CD's they would send out by the stacks? Who would have thought that original dial-up (via phone modem, for those pups that weren't around) site was still around? ...mind blown.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I think one of my friends has an AOL account...........I wonder if it still works?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Why is it I imagine the current AOL user-base to be mostly comprised of retirement-home citizens, who still have their flip-phones and send their grand kids $5 for Christmas? I don't know for sure, actually complete speculation on my part, but that is how I imagine it.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Changing a password after the system was compromised is useless. Just start with selfhosting and abandon cloud. Nobody needs a cloud today.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I respectfully disagree. By changing your password, you can either evict an attacker who has already logged in and is watching your account, or one who plans to in the future with your exposed credentials. This is important for an email account, especially if it is used as a recovery email for other accounts (like banking, etc.).
Changing your password should be the first thing you do when notified of a potential breach.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
When a system is compromised, it will contain so many backdoors and hacked software libraries. So to change your password will just tell the attacker how to complete your personal password portfolio: people is mostly using the same passwords on many sites, so they collect passwords and try them on other websites.
When a system is compromised, the only way to fix it is to build another from scratch: there are too many malicious routines which can be everywhere, starting from libraries, operating system, even firmware - which is very close to hardware - can be compromised.
Until Y! don't literally wipe it out and create a new system from scratch, a compromised system is the last system you should give your new credentials to. Since they don't even have money for their business as usual, it is very unlikely they will create a new system from scratch.
I'm sorry, to give Y! new credentials is the best way to get them stolen again.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
But the customers don't own the system. The exposed password, if not changed, can be sold to many others which increases the chances of misuse. Changing it reduces the risk (which is all we do in security anyways) of loss over time.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Only if you put a "one-time" password and then delete your account. A compromised system, today, is compromised FOREVER. You can only abandon it, unless the owner decides to rebuild from scratch.
The customers can own the system: just self-host. Today is not that hard. I am doing at home.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
prefiro nem usar esta conta do yahoo
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I've not used my Yahoo account in years. I guess I should just close it
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
And figure out what other accounts point to it for password resets. They are at risk too!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Of course. They may end up re-using an account. Mine has not had anything apart from spam in years. I don't think any active accounts link to it
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
As one of my all-time favorite authors famously said, "There's no such thing as a free lunch." (Robert Heinlein). If you want a free mailbox, expect to get exactly what you paid for. I prefer unseen.is.
Merry Christmas from a chilly Vancouver Island!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
...if you aren't paying for the product, you ARE the product.
But even for free, I expect spam and marketing, but not having accounts and personal data stolen (several times). There are many free services which are better protected, private, and more safe. If I were Verizon, I would want a serious discount on the purchase valuation price. Just to clean up the mess will be costly.
Stay warm on Vancouver Island.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Sometimes you just get a crit.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit