Experts have advice for people who are concerned about the massive theft of personal data from Yahoo. Last week, Yahoo announced that more than 500 million users were affected by what it called a state-sponsored attack two years ago.
Tumblr and Flickr affected too
Among the information stolen were names, dates of birth, e-mail addresses, phone numbers, encrypted passwords as well as some unencrypted security questions and answers. The breach could have also affected users of Yahoo Sports, Flickr or Tumblr.
“It’s a good reminder that no online service is safe from these kinds of hacks in an indefinite way,” says David Gerhard, professor of computer science at the University of Regina. “People get hacked from time to time. Companies get hacked from time to time. And it’s the responsibility of us, the users of those online services, to make sure that we are using appropriate security protocols.”Listen
Change those passwords
To mitigate the risks, Gerhard suggests changing passwords frequently and not using words found in the dictionary but letter-word combinations. He also suggests using e-mail accounts frequently to make sure nothing odd is going on and says it is important to shut down old accounts as they present the most risk.
If you have forgotten the password you can change it if you have provided a second email address. Gerhard says if you discover that an answer to a security question has been hacked, to not use that question again.
I asked him how users can remember all the passwords they are expected to change. He suggests you write them down in safe place. Even though users are usually warned against doing this, he says the hackers are often far from the physical presence of their victims. Gerhard also suggests the use of online password systems that can manage all your passwords for you while you only have to remember one.