Business

Massive Yahoo Hack Spurs Tips from Experts

Hackers swiped personal information associated with at least a half-billion Yahoo accounts — the biggest known data breach in history.

News of the breach was first made public Thursday, Sept. 22. The hack revealed names, email addresses, phone numbers, birth dates and, in some cases, security questions and answers, Yahoo said in a news release.

Encrypted passwords, which are jumbled so only a person with the right passcode can read them, were also taken.

Wallet Hub, a D.C.-based consumer website that provides customized credit-improvement advice, savings alerts and other products, this week offered several tips to help individuals protect their personal information.

“Change your Yahoo password and security questions, change any passwords and security questions similar to what you were using on Yahoo and enable two-factor authentication where your Yahoo account may have been comprised, but your cellphone wasn’t,” said Jill Gonzalez, a WalletHub analyst. “So use it as another layer of protection when logging into your email account and financial websites.”

Whether affected or not, individuals should sign up for free credit monitoring and be wary of Yahoo emails, authorities said. The company is also warning customers not to click on any links or open any attachments in emails sent by Yahoo because the messages could come from imposters, Gonzalez said.

Authentic Yahoo emails regarding the data breach will not contain links or attachments and won’t ask for any personal information.

“Whether it’s someone showing up at your door, calling you on the phone or sending you an email asking for personal information, you shouldn’t respond if you didn’t ask to be contacted,” Gonzalez said.

The hack serves as a reminder of how widespread such action is and highlights the vulnerability of passwords, CNET.com reported.

Cybersecurity specialists recommend using a different password for each account an individual has on the internet. Other experts are working on alternatives to passwords, including biometrics such as fingerprint or retina recognition.

John Kiernan, senior editor at WalletHub, advises to change account PINS and passwords in the meantime.

“Security experts typically recommend changing passwords every few months and using an eight- to 10-character mix of upper- and lower-case letters, numbers and symbols for maximum security,” Kiernan said. “But it’s especially important following a case of identity theft.”

It’s also important to review mail and credit card statements carefully to make sure that you receive all of your expected monthly account communications from lenders, WalletHub officials said, noting that is a good way to confirm that none of your accounts have been hijacked.

“Thoroughly reviewing these documents for transactions or references to account changes that you do not recognize is similarly beneficial,” Kiernan said. “Taking a bit of extra time to scrutinize the mail you receive every day will reduce the likelihood that you’ll discard a letter from a lender, the IRS, the Social Security Administration or any other organization that may be trying to notify you about a past-due balance or change in account preferences that could signal fraud.”

Enrolling in electronic account access is also important, he said.

“It’s easiest for a fraudster to pull off this type of scam when you, the real account-holder, have not yet registered your account for online access or established account preferences regarding electronic communications,” Kiernan said.

This is especially prevalent when the victim doesn’t even realize online account access is available, as is the case with many elderly people and the Social Security Administration’s “My Social Security” web-management tools.

“Every case of Social Security fraud I’ve investigated in the past year and a half I traced back to the [My Social Security] program as the source — not because it was breached, but because the victim didn’t know about this new account being available and they didn’t take any action so the criminal did,” said Carrie Kreskie, director of the Identity Theft Institute at Hodges University. “The easiest way to minimize your chances of falling victim to this type of scam is to claim your online account and use a strong password to protect it.”

Tags
Show More

Stacy M. Brown

I’ve worked for the Daily News of Los Angeles, the L.A. Times, Gannet and the Times-Tribune and have contributed to the Pocono Record, the New York Post and the New York Times. Television news opportunities have included: NBC, MSNBC, Scarborough Country, the Abrams Report, Today, Good Morning America, NBC Nightly News, Imus in the Morning and Anderson Cooper 360. Radio programs like the Wendy Williams Experience, Tom Joyner Morning Show and the Howard Stern Show have also provided me the chance to share my views.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


By submitting this form, you are consenting to receive marketing emails from: Washington Informer Newspaper, 3117 Martin Luther King Jr. Ave SE, Washington, DC, 20032, http://www.washingtoninformer.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Back to top button

My News Matters to me - Washington Informer Donations

Be a Part of The Washington Informer Legacy

A donation of your choice empowers our journalists to continue the work to better inform, educate and empower you through technology and resources that you use.

Click Here Today to Support Black Press and be a part of the Legacy!

Subscribe today for free and be the first to have news and information delivered directly to your inbox.


By submitting this form, you are consenting to receive marketing emails from: Washington Informer Newspaper, 3117 Martin Luther King Jr. Ave SE, Washington, DC, 20032, http://www.washingtoninformer.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact
Close

Adblock Detected

Please consider supporting us by disabling your ad blocker