One Article Review
| Source |  Graham Cluley |
|---|---|
| Identifiant | 111845 |
| Date de publication | 2016-09-22 19:01:25 (vue: 2016-09-22 19:01:25) |
| Titre | Yahoo confirms: at least 500 million accounts hacked in 2014 data breach |
| Texte | Yahoo CISO Bob Lord writes: We have confirmed that a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected. Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo's network. My advice? Reset your Yahoo password. Make it a strong, complex password - and make sure that you are not using the same password anywhere else on the net. If you were using the same password in multiple places, you need to get out of that habit right now. Reusing passwords is a disaster waiting to happen, and could allow hackers to crack open other accounts using the same credentials. Invest in a decent password manager program to generate random, hard-to-crack passwords, store them securely and remember them for you. If you haven't already done so, enable two-step verification on your Yahoo account. Watch out for phishing emails that pretend to come from Yahoo. More as this news develops. |
| Envoyé | Oui |
| Condensat | 2014 500 account accounts actor addresses advice affected allow already answers anywhere are associated bank based bcrypt believes birth bob breach card cases certain ciso come company complex confirmed confirms: copy could crack credentials currently data dates decent develops did disaster done else email emails enable encrypted evidence found from generate get habit hacked hackers happen hard has hashed have haven include included information information; invest investigation late least lord majority make manager may million more multiple names need net network news not now numbers ongoing open other out password passwords payment phishing places pretend program questions random remember reset reusing right same securely security some sponsored state step stolen store stored strong suggests sure system telephone them two unencrypted unprotected user using vast verification waiting watch what writes: yahoo your |
| Tags | |
| Stories | Yahoo |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.