Get SF Weekly Newsletters

Thursday, January 30, 2014

Yahoo! Email Usernames and Passwords Were Stolen. Here's What You Need to Do Now

Posted By on Thu, Jan 30, 2014 at 3:12 PM

click to enlarge Change your password -- then try your darndest to remember it
  • Change your password -- then try your darndest to remember it

Hey, Yahoo! customers, don't freakout just yet -- you aren't the only one having trouble accessing your email account this afternoon. Yahoo! announced that the usernames and passwords to a bunch of accounts were stolen, creating a total e-nightmare for us all.

The company posted the news on its blog, saying they're taking immediate action:

Per the blog:

Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts.

Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo's systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails.

Here's what Yahoo! is doing to protect you:

  • Resetting passwords on impacted accounts using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account.

  • Working with federal law enforcement to find and prosecute the perpetrators responsible for this attack.

  • Implemented additional measures to block attacks against Yahoo's systems.

Now here's what you can do to help keep your accounts secure:

  • Get better password practices. Start by changing your password regularly and using different variations of symbols and characters. Never ever use the same password on multiple sites or services. That's exactly what makes users vulnerable to these kinds of messes.

  • Sign out after every session. This is especially important if you are using a public computer

  • Check your login activity

  • Be suspicious of unknown/weird links

  • Add an alternate email address and mobile number to your account. Have a recovery link sent to your email or a text message sent to your mobile phone to recover your password if you ever lose access to your account.

And finally, Yahoo! is very sorry about all this.

"We regret this has happened and want to assure our users that we take the security of their data very seriously," Yahoo! said in a statement.


  • Pin It

About The Author

Erin Sherbert

Erin Sherbert

Bio:
Erin Sherbert was the Online News Editor for SF Weekly from 2010 to 2015. She's a Texas native and has a closet full of cowboy boots to prove it.

Comments

Subscribe to this thread:

Add a comment

Popular Stories

  1. Most Popular Stories
  2. Stories You Missed

Like us on Facebook

Slideshows