You may have already seen news coverage about it, but yesterday Yahoo announced that data from at least 500 Million email accounts had been stolen. The data stolen may have included:
- Email Addresses
- Backup email addresses
- Telephone Numbers
- Dates of Birth
- Hashed passwords.
If you have a Yahoo account, even if you haven’t used it in a long time, login and change your password. If you use the same password for any other accounts, then change those passwords as well.
Also, be on the lookout for scam / phishing emails about the breach, this is a great opportunity for the bad guys to attempt to steal your information, even if you weren’t effected by the breach. Don’t follow links that you receive in emails, and do not open attachments in any suspicious emails.
The data was apparently stolen in 2014, and has recently been seen up for sale on the dark web. Yahoo believes it was a state actor (someone working for a government) responsible for the breach.