Multi-media giant Yahoo isn’t holding back about the gravity of its recent data breach.
The company has come clean that as many as one billion user accounts have been affected.
To date, it is the largest data breach of a single company, as measured by the number of users affected.
The data breach actually involves two separate hacks.
One happened in 2013 and the other in 2014.
The hackers stole information that included phone numbers, dates of birth, and security questions that Yahoo users answer to prove their identities.
It wasn’t just active accounts that were exploited, either.
The hackers also accessed personal information from users who haven’t touched their accounts in years, many of which might not even know that they are victims at all.
For those affected, the company is forcing users to change passwords.
This alone might not be enough, however.
Officials warn that the hacks are old, meaning that the hackers have had the information for a significant period of time.
It is difficult to truly know what damage might have occurred in that period of time.
What’s not clear is how the breach happened.
Investigators continue to look into the matter, though they believe that it is the work of the same state-sponsored actor behind the data breach disclosed in September 2016.
It’s also not clear if Yahoo made a timely report of the data breach, as federal law mandates.
There are several pending lawsuits stemming from the breach.
Impact on Business
The concerns about the recent data breach have been so great that Verizon Communications has delayed plans to merge with the company.
The original deal with Verizon was supposed to be worth more than four billion dollars.
Because of the past several breaches, that deal is on hold.
Verizon is now questioning the value of the company, claiming that the data breaches mean that the company is not worth what it might have been without the security issues.
There are recent reports indicating that the deal is being renegotiated for a lower price.
Critics say that Yahoo hasn’t placed enough value on consumer security.
They say that other media giants such as Facebook and Google have done a better job of developing and maintaining security for users, whereas Yahoo has prioritized consumer convenience over security.This different in priority might have resulted in the data breach, they say.
Others say that users should put more time and energy into creating and using strong passwords.
What Can Victims Do?
Experts recommend that computer users have different passwords for different accounts.
That way, if one account gets breached, the hackers can’t use the retrieved information to access other personal accounts, such as bank accounts or social media accounts.
Users also need to be skeptical.
If they receive emails seeking personal information, they need to ensure it’s from the company that it claims to be from.
If the email wants the user to enter personal information, the user should exercise extreme caution.
Another way that users can protect themselves using Yahoo is by using a Yahoo Account Key, which allows users to verify identity using a phone number.
Victims should be monitoring their credit, as well.
This can help them notice if anyone tries to take out credit in their name.
Credit monitors can also send notifications of suspicious activity.