Two years ago, Yahoo became the victim of the biggest known hack in Internet history. This is old news, except for one recent development – Yahoo claims to have just found out about it and reported that the access credentials of 500 million email accounts had been stolen!
Evidently, IT security had been a low priority at Yahoo for many years. The magnitude of the theft has sparked an FBI investigation and the incident may give Verizon grounds to terminate or renegotiate its planned acquisition of the company. Meanwhile, Yahoo has advised customers to change their passwords.
Realistically, changing passwords two years after a breach may not accomplish much. With access to email accounts over such a long period, hackers have already gleaned detailed information that can be used to launch other criminal activities such as identity theft which can permit access to financial, healthcare and school records. These records can be sold on the dark Internet to initiate countless cycles of new criminal activity.
Since a security fix at Yahoo is probably a long way off, the logical solution for users would be to terminate their accounts. This doesn’t solve the problem because all the emails are most likely in the hands of criminals already. And terminating accounts does not erase the users’ information on Yahoo’s IT systems.
If users maintained the same Yahoo access credentials for other Internet services, those accounts are exposed to risk as well – and changing them should be the highest priority.
Some security experts recommend that users discontinue reliance on Yahoo to avoid getting into deeper trouble. They also recommend making arrangements with another service – and, although it may be too late – delete all emails and folders from Yahoo. Then use the “forgot password” feature to apply a very long password that will be easily forgotten.
DataLink has security solutions to suit any business need, including protecting your email and other IT systems from potential intrusions. Contact us today: 410.729.0440 or sales@DataLinkTech.com.
