Details on five hundred million Yahoo user accounts compromised - UPDATE - Now all accounts

[krooton]

Must admit that I am one of these strange people that use a Yahoo email account as my primary. I do have a Gmail account too but I've had the Yahoo account for years. Changed my password a couple of times since 2014 so not too worried

Same, I've had mine since 99, and it is my primary for everything. Change password details every 6 months just out of habit any way.

 

[ic1male]

What concerns me most is the answers to security questions being compromised. I don't know which other websites I may have used security questions for with the same question/answer combo so can't change them.

 

[Cosimo]

I use Flickr and Yahoo but passwords were changed after the last one.

 

[jas72]

Wow necro an old thread for an update
At least change the title mods...

 

[Tephnos]

So is there a link to a data dump of them anywhere?

At least I could get back into my old accounts then!

 

[Puzzled]

Forgot I even had a Yahoo account but had the email come through today.

Can't remember if any sensitive info was needed for signup.

 

[sare^baw's]

I set up several new yahoo accounts, i got fed up with my email addresses getting hit with spam eventually. So i use different ones for different things that way if one starts getting spammed, it less of a job changing my email address for everything.

I cant believe i have not had an email from yahoo to request that i change passwords, so ill do this off my own back. Should i just stick with yahoo. I really cant be bothered changing email addresses again.

 

[Deleted member 77746]

They should just shut yahoo down its crap.

 

[wedrum]

yahoo is crap should be forced to shut down.
had this a few years back my email starting emailing all my contacts all kinds of crap.

 

[sare^baw's]

well so far i have not had any problem with yahoo, no spam and no problems like the one you mentioned.

I use one of my yahoo accounts to send personal business details to my employment agency and accounts, im self employed and contracting. So if i change my yahoo passwords and my banking passwords should that be suffice.

I could move to another email service and then get the same problem further down the line?

 

[LoadsaMoney]

Time to change them again, a billion been stolen this time.

http://www.bbc.co.uk/news/world-us-canada-38324527

Not again!, changed, thanks

 

[Scam]

Turns out I have a Yahoo account. Not sure why, maybe Flickr in the past. Tried to deactivate my account and the page to do so is broken .

Yeah I created an account for Flickr but never used it.

Thought I'd best take control over it properly so changed my password and set-up two-factor as per all my other (important) email accounts. Even set-up my Gmail to retrieve emails from it!

With things like this becoming more and more common, it's silly not to have two-factor on every account you have.

 

[IronWarrior]

To be fair, a lot of these "user accounts" will be bot accounts. Back in the Yahoo Chat room days, it was pretty common to make 100's if not 1000's of bot accounts to attack/flood rooms and users.

 

[uvarvu]

https://www.theregister.co.uk/2017/10/03/yahoo_says_one_beeelion_user_hack_figure_wrong_its_three/

In a filing on Tuesday to America's financial watchdogs, Yahoo!, now owned by Verizon under the Oath brand, admitted the total number of user accounts illegally accessed by hackers in 2013 wasn't the 500 million earlier reported, nor the one billion it later confessed, but all of them – all three billion accounts.

**** me, they hacked EVERYONE's details!? I shut down my account long ago but it does make me worry if others will suffer the same fate

 

[Cromulent]

https://www.theregister.co.uk/2017/10/03/yahoo_says_one_beeelion_user_hack_figure_wrong_its_three/

**** me, they hacked EVERYONE's details!? I shut down my account long ago but it does make me worry if others will suffer the same fate

3 billion Yahoo accounts? Blimey. I've never used Yahoo but that is a seriously big number.

If you want to find out if your data has been breached on any website use this website:

https://haveibeenpwned.com/

type in your username or email address and it will give you a list of all the websites that have been hacked that have your details in the resulting data. You might be surprised by the number of big name companies that have been hacked and released your user data.

IT security is surprisingly difficult and it requires everyone from managers, programmers, system administrators and testers to understand it in order to stop attacks. Having one "security" guy just doesn't work these days. Everyone from the lowest to the highest has to understand how to protect IT services.

Oh and you can have the best security in the world but if one of your employees gives away system passwords on a phone call because their "boss" called in saying he forgot the password then it doesn't matter how secure your system is you've just been breached.

 

[Liquid_Entity]

Oh no — pwned!
Pwned on 11 breached sites and found no pastes (subscribe to search sensitive breaches)

11 times but I've not had any issues apart from just more and more spam.

Edit: strangely not showing the yahoo one.

 

[The_Abyss]

The message when logging in to Flickr today.

Perhaps the Verizon family is 'extended'

 

[Skillmister]

3 billion Yahoo accounts? Blimey. I've never used Yahoo but that is a seriously big number.

If you want to find out if your data has been breached on any website use this website:

https://haveibeenpwned.com/

Just Dropbox and LinkedIn for me on my current email (that I've been using for around 5 years now and on no "dodgy" sites.

Adobe, Epic Games, Evony and last.fm for my old email address.

Nice to see such big names keeping my info secure

 

[platypus]

The message when logging in to Flickr today.

Perhaps the Verizon family is 'extended'

This was one of the reasons why I recently shut down my Yahoo account. Tipped me over the edge, galvanised me into action.