Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

One Billion Yahoo Accounts Hacked: Should You Panic?

by Elizabeth Harper on December 16, 2016

One Billion Yahoo Accounts Hacked: Should You Panic?

In September, Yahoo announced what was at the time thought to be the biggest data theft ever, with 500 million accounts breached. It turns out that was just the tip of the iceberg: we've just learned that another 1 billion Yahoo accounts were compromised in an earlier—likely unrelated—attack in August 2013. While hackers didn't get any financial information, they did acquire logins, encrypted passwords, birth dates, secret questions and answers, and other personal data.

And while we know—or should know—not to reuse passwords across multiple sites, the other data is concerning. Security questions and answers, which typically use basic factual information to verify your identity, is especially concerning because we often do use those details across multiple accounts. (And we're learning that to stay secure, we shouldn't answer those questions truthfully.)

Yahoo is making affected users change their passwords and, in some cases, update their security questions, but you should do more—even if your account, wasn't among those hacked. Here are the steps Yahoo users should take immediately:

Change your password.

If you've ever used your Yahoo password as the password to login to any other sites or services, change those account passwords.

If you used the same answers to secret questions on other sites, you need to change those answers. If you aren't sure what secret questions and answers you've used, it's a good time to go through and update the answers everywhere.

For extra security, turn on two-factor authentication for your Yahoo account.

If you don't have a Yahoo account, there's no reason to be complacent. More breaches will happen, and you can take steps to protect yourself now. This is what we recommend for all Internet users:

Never share passwords between accounts. If you have accounts using the same passwords, change them now, before a security breach at one site means all of your passwords are compromised.

Follow our tips for creating a strong password.

Use a password manager to help make the process of managing multiple passwords simple. Don't write your passwords down and definitely don't keep them on a Post-it note stuck to your monitor.

Use two-factor authentication for sites that support it. This requires you to enter your username, password and an additional code (typically texted to your phone) in order to sign in—and it means that even if hackers get your password, they can't get into your account. Check this list of services that support two-factor authentication to find out if your frequently-used sites are on the list.

Lie when answering secret questions. (This is information you can also keep track of using a password manager.)

Delete accounts you don't use anymore. While this may or may not keep you safe from a new hacking attack if any of your data is kept on file, there's no need to keep personal data stored on a service you don't use anymore.

Whether you've been affected by this hack or not, beware of scams in the coming weeks. With a huge security breach like this we're certain to see scammers sending emails and making phone calls trying to convince you that your account has been compromised—and you need to give them your personal information to fix it. But while such messages sound important, they can be a fast track to having your information stolen again. Never give out personal information in response to an unsolicited email or phone call, no matter how legitimate it seems. Instead, contact the company directly to be sure you're taking appropriate measures—and not simply handing over your data to another scam.

Now, get to changing those passwords, everyone!

[Image credit: Yahoo mail on phone via BigStockPhoto]


Computer Safety & Support, News, Computers and Software, Blog

Discussion loading


From Marta on December 16, 2016 :: 3:26 pm

The best solution, get ride of all Yahoo services!



From Micki on December 16, 2016 :: 11:29 pm

I changed everything the FIRST time Techlicious advised us to do so back in October(?).  Are you advising us to change everything AGAIN?  This is confusing!



From Josh Kirschner on December 17, 2016 :: 11:54 am

Yes, it is confusing. The fact that Yahoo is discovering these huge hacks years later is really a mess…

If you changed passwords and security questions recently, then you don’t need to change them again. This newly-revealed hack took place back in 2013, so won’t impact anything after that.


Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.