The 2013 Yahoo breach (discovered in 2016) was thought to have affected a record breaking 1 billion accounts. That’s billion with a “B”! As of yesterday, however, Yahoo tallied the total accounts affected and revised the figure upwards to over 3 billion.
Yahoo claimed nation-state actors accessed internal code, which allowed them to forge cookies to access specific email accounts while placing fraudulent links in Yahoo search results.
What does this all mean? It means there’s still work to be done. If you are or were a Yahoo user, you should take the following precautions if you have not done so already:
- Change your Yahoo password and security questions ASAP. RoboForm Password Generator will quickly generate a strong and unique password which can be used to update your account. The Generator allows you to set specific security parameters including, number of characters, minimal number of digits, and inclusion of special characters.
- Ensure you are not using the old Yahoo password on any other sites. RoboForm’s Security Center allows you to evaluate the strength of your passwords, flagging weak, reused, or duplicated passwords. In our Windows version you can also search for instances of the specific password via our Search Files feature. Click the Taskbar icon -> Tools -> Search Files.
- Opt to use multifactor authentication (2FA) or One Time Password (OTP) verification on all sites that support it. By enabling the RoboForm OTP feature, you can also specify which computers and devices can access your RoboForm account.
- Use a password manager (we obviously recommend RoboForm!) to that will generate and remember your complex and unique passwords for every site and app you log into. The one click logins are great too.
Epic third-party breaches may be unavoidable, but by taking the proper password precautions, before and after, you can greatly mitigate potential damages.