In early October, Yahoo admitted that every single one of its 3 billion user accounts was hacked in 2013. The company reported, “recently obtained new intelligence” that showed that all accounts had been affected. Yahoo’s information was protected with outdated encryption that was easy for hackers to circumvent.
This data theft was three times the size of an earlier estimate, which was already considered the largest breach in history. According to its attorneys, Yahoo’s new owner Verizon Communications will have increased legal exposure.
Already coming off at least 41 class-action lawsuits due to the breach, this will likely lead to more. However, the company has stated that the stolen information did not include passwords in clear text, payment card data, or bank account information.
Do you or did you have a Yahoo account? Here’s what you should do:
1. Change Your Password
It’s extremely important to change your passwords on all your accounts every 6 months or so. Make sure they’re strong and not easily guessable. Despite warning against these passwords for years, the Telegraph reports that the most popular passwords in 2016 were obvious ones such as “123456,” “qwerty,” and yes, even “password.” Ideally, you should pick a long memorable “passphrase” instead of a word. String a few words together that you can remember. The longer your password is, the safer you are.
2. Don’t Reuse Passwords
Even if you have one extremely good password, it’s no good in a large-scale hacking event like Yahoo or Equifax. You should always use different passwords for each account.
3. Use Two-Factor Authentication When Possible
Ideally, you should two-factor authentication. This means that when you log into an account with a password, you receive a text with a code to verify your login. This will alert you anytime someone tries to log into your account.