Feb 1, 2014   //   by nick   //   Internet Security  //  No Comments

On January 30th Yahoo announced that its mail has been the focus of a coordinated hack and that at this time it has confirmed a number of users e-mail accounts have been compromised – you may be one of them. It is not clear how many users have been compromised, or exactly how. Yahoo doesn’t have a history of providing much information but it would be prudent for any Yahoo mail users to take precautions. Between the vague statements about malicious code and “a third party was probably to blame” Yahoo has been resetting the credentials of affected users via e-mail and SMS if your mobile is on file. While details are scarce at this time this continues a trend of bad security and resilience news for Yahoo who experienced a multitude of issues in 2013. The company made clear in their announcement that a third party database with shared credentials was likely the source and that they had no evidence the usernames and passwords were taken directly form their systems. Whether the third party was one they provided data to, or whether it was a random third party with shared credentials is not particularly clear. There is insufficient detail to lay blame at this time, but certainly it would be prudent to take steps to secure yourself.

The best way for my neighbors here in Connecticut to protect against being hacked is to minimize your exposure by hardening your public profile. Changing your password on a monthly basis and creating one that has more than just numbers and letters but also include symbols, underscores and hyphens is the best method. Look for a follow up post from Mr. Computer on best practices for hardening your publicly used passwords.

Leave a comment

Mr. Computer