Print Friendly and PDF
A new way to make Stuffed Green Peppers
Trump hotels pay $50,000 to settle with state of New York over data breaches

Yahoo hacked: What to do if you have an account


Photo: Coolcaesar

Information from at least 500 million user accounts was stolen from the Yahoo network in late 2014, the company said Thursday.

The account information included names, email addresses, telephone numbers, dates of birth, some passwords and, in some cases, encrypted or unencrypted security questions and answers.

The stolen information didn’t include unprotected passwords, payment card data, or bank account information, which is stored in a different system, Yahoo said.

The company is notifying potentially affected users and is asking them to change their passwords. It has invalidated unencrypted security questions and answers so that they can’t be used to access an account.

Yahoo also recommends users review their online accounts for suspicious activity and to change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account.

The company advises users to avoid clicking on links or downloading attachments from suspicious emails and that they be cautious of unsolicited communications that ask for personal information.

Mike Litt, consumer program advocate at U.S. PIRG, said the announcement two years after the fact raises troubling questions about how the breach was able to take place, especially after a breach of 450,000 of its accounts in 2012.

Litt said the information stolen in this breach could be used to “phish” or gather additional information that can be used to access existing credit accounts or create new credit accounts.

“It is imperative that Yahoo’s response to this breach not fall through the cracks as its acquisition by Verizon Communications is finalized,” he said.

In addition to changing passwords and being on the lookout for suspicious activity on other online accounts, Yahoo should also alert its users to the benefits of credit freezes and offer to pay for credit freezes with all three major national credit bureaus, Litt said.

“Such a response would be the most consumer friendly response to a major data breach and would be a huge advancement for identity theft prevention in our country,” he said.

Consumers can prevent identity thieves from opening new credit accounts in their names by placing freezes on their credit accounts. Credit freezes help prevent new account identity theft because they keep potential creditors from seeing consumer credit history, without which new accounts are typically not opened.

For more information, see “Why You Should Get Security Freezes Before Your Information Is Stolen.”

Copyright 2016, Rita R. Robison, Consumer Specialist




Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)