Yahoo recently disclosed that it has discovered a breach of more than one billion user accounts that occurred in August 2013. This is believed to be a separate attack from the breach Yahoo reported in September.
Bob Lord, chief information security officer at Yahoo, said the stolen user account information may include names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers. Whether or not you have a Yahoo account, this is a great reminder to make sure you’re following best practices when it comes to your online security.
Create Strong Passwords
Take a look at the most common passwords from last year and it’s a canvas of simplicity. “123456” and “password” are the two most common, with other easy-to-guess passwords like “football” and “abc123” high up on the list.
While these are easy to remember, they’re also quite easy to guess. Refrain from using your name, birthday, or pet’s name in your passwords; instead, use long, strong, unique passwords with a mix of numbers, letters, and special characters. Don’t reuse passwords across multiple apps and sites and also be sure to update your passwords regularly – it’ll help further protect your information from being accessed.
When your computer or an app asks if you’d like to update to the latest version, do you typically ignore it, or click “Remind Me Later?” Get out of that habit – those updates are there for a reason. Developers are constantly fixing bugs and adding security adjustments and patches to make your devices safer.
Keep an Eye out for Phishing Scams
Phishing scams often come in the form of a fraudulent email message. Though they can occur at any time, they’re even more prevalent during the holidays, with cyber criminals sending what appears to be a legitimate offer. Avoid clicking on links or downloading attachments from suspicious emails, especially if you don’t know the sender. Be wary of emails that ask for personal information or refer you to a website to input your information, even if it appears to come from a retailer you do business with. The best way to confirm if the retailer really sent the email, is to call the legitimate entity directly to confirm the email is legitimate.
Monitor Your Payments
Keep records of online transactions and monitor bank and credit card statements to ensure there aren’t any fraudulent charges. Contact your bank or credit card company immediately to report suspicious activity or charges – even small ones. Oftentimes, cyber criminals test small amounts to ensure the account is active. Take the time to set up monitoring services to help you keep an eye on all your financial accounts.
This latest breach is another reminder that no company is safe from cyber attack. However, by taking a proactive approach to online security, you’re doing your part in safeguarding your information and minimizing your vulnerability to attack.
By Morgan Grevey, Marketing Manager, CSID | December 16th, 2016