Privacy Commission advisory on Yahoo breach

Posted on Sep 27 2016 - 12:30pm by Upgrade Staff

The National Privacy Commission (NPC) reiterated the recommendations of Yahoo and cybersecurity experts to Yahoo users to change their passwords on their Yahoo accounts. 

yahoo-security-issue

This follows after the compromise of half a billion user accounts from Yahoo’s servers in 2014 that was only discovered and confirmed by Yahoo this week. Below is what was posted on Yahoo’s email log-in page about the Account Security issue:

“We have confirmed, based on a recent investigation, that a copy of certain user account information was stolen from our network in late 2014 by what we believe is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. “

An investigation by Yahoo confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor. The ongoing investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network.

The company is now working with law enforcement authorities and notifying potentially affected users of ways they can further secure their accounts.

Other than changing their Yahoo log-in credentials, the NPC also recommends that Yahoo users change log-in credentials of their other online accounts where they might have used their Yahoo email for account verification purposes. The security questions on Yahoo might also have been compromised and it would be a good idea to revise the security questions or disable that feature.  The NPC also recommends activating two-part authentication to gain first time access to your account. Two-part authentication uses a phone number you provided to verify your identity.

READ:  F5 launches 100 GbE VIPRION blade to support IOT, network migration from 4G to 5G

According to commissioner Raymund Enriquez Liboro: “A compromised email account can be an avenue for a hacker to gain access to other personal on-line accounts of an individual, from social media sites to on-line payment portals. That is why it is important to maintain good password hygiene, use pass phrases with numbers or special characters instead of single words, take note of log-in attempts into your account/s that weren’t initiated by you, and change your password/s two to three times a year, or as many times as  you change your toothbrush.”

It was revealed at a Microsoft Cybersecurity Summit for government agencies that it takes an average of 502 days for system administrators to detect a security breach.

 

Related Posts

F5 launches 100 GbE VIPRION blade to support IOT, ... F5 Networks launched the 100GbE VIPRION blade in response to the growth of the Internet of Things (IoT), service providers evolving to 5G networks, a...
Amdocs to present on future of ‘mobile money’ at S... Amdocs, provider of software and services to communications and media companies, is slated to demonstrate its Mobile Financial Services (MFS) digital ...
New Kaspersky Password Manager now available Kaspersky Lab presented a new version of its freemium solution Kaspersky Password Manager. It offers users remote access to their passwords via their ...
Tidas released to allow password ditching Trail of Bits, a New York City-based information security company, has released Tidas, a first-of-its-kind security tool for app developers that boost...
Web filtering for business: Keep your secrets safe... By Alan Zeichick Web filtering. The phrase connotes keeping employees from spending too much time monitoring Beanie Baby auctions on eBay, and stoppi...
What really haunts I.T. decision makers? Technology is changing at a scary pace. But, what really haunts information technology (I.T.) decision makers as they sit in front of their computer s...
Financial malware more than twice as prevalent as ... Symantec has stressed that even with all the attention ransomware is getting, it’s still easy to overlook other threats, such as those that target the...
Banks spend on IT security 3x higher than non-fina... Financial institutions are under pressure to ramp up security, with trends such as the increased take-up of mobile banking putting banks’ IT infrastru...
7 Things you need to STOP doing online By Sarah Pike of Kaspersky Lab In the beginning, the Internet was not terrifically user-friendly — early users needed tech chops just to get online, ...
Most People share personal information online ... Sharing information or photos on social media platforms like Facebook and Instagram has become second nature for many. But research from Kaspersky Lab...
About the Author

Leave A Response