My guess is that you’ve already heard about the big Yahoo data breach that was recently confirmed by company officials.
It’s been reported that the breach actually occurred clear back in 2014, and that data (email addresses, names, phone numbers, birthdays, hashed -or encrypted- passwords, security questions, etc.) from at least 500 million user accounts was stolen from the Yahoo network.
Thankfully, it doesn’t appear that any credit card information was taken with the breach.
But now the word from one former Yahoo executive is that the number of affected accounts could be more like 1 to 2 billion (yes, that’s billion with a “B”). And even if the former executive has an ax to grind with Yahoo, and is over-blowing the number, the original confirmed 500 million number is still pretty scary.
But let’s add some more kindle to the fire, shall we?
Yet another new report alleges that Yahoo has been letting the NSA and/or the FBI scan millions of accounts for specific (but unknown to us) information, which is the first known instance of a U.S. Internet-related company letting this happen.
Not good, Yahoo, not good at all.
Yahoo is still a Big Player
Yahoo was one of the original pioneer sites on the Web, getting it’s start back in March of 1994 as a site directory (it’s been said that “Yahoo” stands for “Yet Another Hierarchically Organized Oracle”).
Yahoo was one of my early “favorite” sites back in the mid-1990’s, and my first web-based email account (not counting AOL) was with Yahoo, and I used to teach classes on it and promote it to my students.
But when Google started it’s upward dominance in the late 1990’s and into the 2000’s, Yahoo slowly started slipping down the popularity scale.
Even so, today Yahoo is still the #3 search engine with 300 million monthly visitors, behind Google (1.6 billion) and Bing (400 million). (CLICK HERE to visit eBizmba for a complete list)
Plus, Yahoo is ranked #6 on the Alexa charts of the top visited sites (CLICK HERE To visit Alexa)
That’s a lot of folks visiting and using Yahoo on a regular basis.
But what makes the entire data breach fiasco even a bigger deal is that Yahoo owns and operates other popular web sites and services, which means that users of those sites are also affected.
Those other sites include:
- Tumblr (a blogging service)
- Flickr (a photo sharing service)
- Rivals.com (a fantasy news and sports site)
What is the Danger?
If you have an Yahoo account (or an account with those other Yahoo-owned sites), and your information was stolen with the data breach, there are a couple of different problems that can arise.
The first potential problem is of “password and security question reuse“, where you are someone who uses the same password or security questions for multiple sites. If Yahoo was one of those sites, your account on the other sites where you use the same password or questions could be compromised.
The second problem comes from having your email stolen, and comes in the form of potential “phishing emails” starting to arrive.
Of course if you are not someone who likes the government looking over your shoulder, the third problem could be that information in your emails might now be a more public thing… or at least something that Uncle Sam now knows about.
The bottom line is, having information you consider private stolen in this way can be a headache.
What Should I Do?
If you have a Yahoo account, or an account with Tumblr, Flickr, or Rivals, the first thing you should do is log into them and change your information.
- Change your password (CLICK HERE To read my article on creating a good password).
- Change your security (secret) questions.
- Enable Tw0-Step verification (Yahoo, along with many other online accounts, now allows you to turn on two-step verification, where you’ll get a text message whenever someone attempts to log into your account from an unknown device).
- Monitor Your Account (log in on a regular basis and make sure nothing looks suspicious).
- Be Extra Cautious of Phishing Emails (CLICK HERE to read my article about Phishing Emails).
Should I Part Ways with Yahoo?
I guess the ultimate question is, has Yahoo gone past the “line of privacy” in having data stolen and letting the government scan emails?
Only you can answer that question for yourself, but considering that there are lots of alternatives out there for email, searching, photo sharing, etc., it might be something to consider.
If you do decide to give up on Yahoo, and want to cancel your account, CLICK HERE to visit the Yahoo Help Page that shows you how to do it, and warns you about the various ramifications of cancelling your account.
I haven’t personally cancelled my account, even though I no longer use it on a regular basis (I’ve become a Google kind of guy).
I keep my Yahoo account because I’m a technology teacher and still get questions about Yahoo that I have to log into the service to research.
But I have taken the steps I mentioned above, and have changed my password and turned on 2-step verification.
Now I guess I’ll just wait to see what happens next!
As always, I would love to hear your comments about the Yahoo data breach and what you’re going to do if you have a Yahoo Account. You can leave your thoughts below!!!
Thanks for this article. I have a new PC and have setup my Yahoo email, and get notices daily about attempted breeches. I have followed the above steps. This does not happen on my IPhone or IPad. Now I’m at the point I’d like to get Yahoo off of my desktop and open a second email account. Linda