According to security firm Sophos this is what you should do if you think you have been affected by the Yahoo data breach.
Global head of security research at Sophos James Lyne said: "We continue to see even the biggest companies breached by cybercriminals looking to gain access to the private information their users provide to create a profile, including their password, date of birth or security question data. Cyber criminals are very proficient at using such data to commit broader fraud, so the ramifications of such a breach can extend well beyond e-mail.
Being aware of any data breach is important because many people use the same password for multiple accounts."
For Yahoo users and all computer users, Sophos advises these six steps as “best practice” for protecting personal data and pre-empting potential fallout from any data breach:
- Change your Yahoo password immediately
- Reset this password, if you’re reusing it on other online sites. Cybercriminals are now using tools that sniff out passwords reused on other, more valuable sites to make their work easier and to make the stolen passwords and other hacked data more lucrative on the dark web
- Make all new passwords different and difficult to guess – yes, you need to create different passwords for every site you visit
- Make all new passwords different and difficult to guess – yes, you need to create different passwords for every site you visit
- Include upper and lower case letters, numbers and symbols to make passwords harder to crack - refer to the Sophos Password Quick Tips guide for creating stronger passwords
- Don’t trust password strength meters - these are unreliable and inaccurate
- In general, it’s always good practice to update your passwords, password manager and security questions, if you hear of a potential data breach that might affect you. Even data breaches from several years ago could still impact you today.”