Yahoo currently has not identified how the breach occurred but has traced the breach back to an unauthorized party gaining access in August 2013. According to The AP, Yahoo has taken steps to secure account information and is working with law enforcement. As with the previous breach in September, compromised data includes names, email addresses, dates of birth, phone numbers and passwords.
Yahoo recommends visiting their Safety Center page, but they offered some quick tips to help users protect their account:
Change your passwords and security questions
Review all of your accounts for suspicious activity
Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information
Avoid clicking links or downloading attachments from suspicious emails
Consider using Yahoo Account Key, an authentication tool that eliminates the need to use a password on Yahoo
Even if you don't have a Yahoo account, now would be a good time to brush up on some cybersecurity best practices. In Datto's Essential Cybersecurity Toolkit for SMBs, we offer quick and easy tips for setting up a training program, how to spot cyber scams, and essential solutions for data protection. Download it today!