Yahoo was hacked and the company admits an unknown number of email accounts were compromised. A company spokesman said the attack was a “coordinated effort.” The hackers reportedly gained access to a database of user names and passwords, which belonged to another company. Although the company was not named, a spokesman said the database was accessed using malicious software.
As the breach is under federal investigation, the spokesman was unable to confirm specific details, including how many accounts were compromised. However, more than 273 million users have Yahoo email accounts. The spokesman said the affected users were prompted to reset their passwords.
In an official statement, Yahoo admits they were hacked. The company also outlines their continued effort to protect users:
“We are resetting passwords… we are using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account.”
The statement explained that the company is currently working with federal law enforcement officials to identify the source of the attack. They also said they are committed to increasing their internal security protocols.
As reported by Forbes, theft of passwords is a serious and ongoing issue. The goal of most attacks is to access financial information. While financial institutions often have increased security measures, hackers rely on the fact that many users choose identical user names and/or passwords for numerous accounts.
Users are reminded to choose different usernames and passwords for their email, gaming, banking, and social media accounts. Remembering numerous passwords can be a burden. However, it is definitely worth the trouble.
Password managers can ease the burden by choosing and storing passwords for multiple sites. The information is stored in an encrypted database, which keeps the data secure.
Users who are not interested in a password manager can create more secure passwords by including symbols, numbers, and capital letters. Experts also suggest using long passwords, as they are more difficult to hack.
Security questions, which are used to retrieve passwords, can also be easily breached. Although the questions are meant to be personal and secure, the answers can often be gathered from social network and other public profiles. Forbes recommends creating unique security questions when possible.
Although Yahoo was hacked, they have reportedly informed all affected users. Those who are concerned about their accounts are encouraged to reset all their passwords.