Jump to Main ContentJump to Primary Navigation
Top

Got a Flickr or Yahoo account? You're going to want to change your password

yahoo.png

Yahoo has confirmed that some 500 million user account details have been stolen by what they describe as "a state-sponsored actor".

The internet company explains that in 2014 a large amount of user details - including names, email addresses, telephone numbers, dates of birth, hashed (partially protected) passwords and some security questions - were stolen from its network.

It's thought to be the largest hack of its kind, and even has the potential to destabilise a multi-billion dollar merger deal with US telecom group Verizon - but you don't care about Yahoo's woes, you want to know if you're at risk, right?

Am I affected by the Yahoo hack?

If you've got a Yahoo account that existed before late 2014, or haven't changed your password since 2014, there's a very good chance your data was stolen in the security breach. Yahoo will be emailing every potentially affected user by email and will be posting further security details to its website

Yahoo accounts are also linked to many Flickr accounts - the popular imaging service owned by Yahoo. The company has said that "some" Flickr account users will have been affected, but hasn't stated how many. To be on the safe side, you're going to want to change details associated with your Flickr account as well. 

As for Yahoo's other big web service, Tumblr, you're apparently in the clear: "The systems from which the data was stolen contained no Tumblr user data at the time of the theft" writes Yahoo.

What should I do?

Foremost, change the password of your Yahoo account. Right. Now. Then, set up two-step verification for your Yahoo account: this system will notify you on a phone number or separate email account if someone is attempting to access your account, sending you an extra code that's required before you (or someone else) can get onto your account. You'll also want to change your security questions. 

Then, have a good hard think about any other accounts you've got that shared the same email and password as your Yahoo account. As the stolen details included telephone numbers and dates of birth, all this data represents a high risk of identity fraud.

You should never use a password for more than one account - but we know how bloody infuriating it is to think up a new password every time you order anything on the internet. Any service you use that has the same details as your Yahoo account is now potentially at risk of being accessed should someone pick up these stolen details.

Anything else?

In addition to changing passwords and adding two-step verification to every service that offers it, you're going to want to keep an eye out for suspect emails. 

If hackers have just grabbed a load of email addresses, they may send messages containing harmful attachments. As is normal practice for any odd email from a sender you don't recognise, delete it: don't open it, don't reply to it, don't click on any links it contains. Be cautious. 

Otherwise, Yahoo is advising user to "Review your accounts for suspicious activity". Check your sent items. Check details associated with your account. 

Yahoo is continuing investigations into the hack, as is the FBI. We'll doubtlessly hear who the potential "state" behind the sponsored attack is in the near future.

Related

USA.jpg

Russian hackers claim to have proof of US Olympic doping

shock.jpg

Some 800,000 porn accounts were just leaked online

dropboxhack.jpg

Got a Dropbox account? You're going to want to change your passwords

Comments

More

WhatsApp is about to stop working for millions of smartphone users

And it's bad news for Nokia or Blackberry users

by Tom Fordy
02 Dec 2016

Delete yourself from the internet with this handy website

And just like that, he was gone.

by Sam Diss
28 Nov 2016

Get on ‘Sindr’ the Catholic Church’s confession app

Swipe to find God in your area

24 Nov 2016

Apple to replace faulty batteries on iPhone 6s devices

21 Nov 2016

These are the worst passwords on the web

Best check yours isn't one of them

17 Nov 2016

What does Facebook really know about you

From ads to linked apps to everything in between

by David Cornish
17 Nov 2016

This Chrome extension will warn you of fake news stories

A handy Google Chrome tool for the post-truth era

by David Cornish
17 Nov 2016

An awesome paper cycling helmet wins Dyson design award

Only £4, and it'll save your life

by David Cornish
17 Nov 2016

Here are all the fake images people have idiotically been sharing

Delete these

by Tristan Cross
16 Nov 2016

Super Mario Run is coming to your mobile phone

Nintendo's mobile platformer finally gets a release date and price

by David Cornish
16 Nov 2016