Recently, Yahoo! has announced yet ANOTHER data Breach. Some of you might remember the one they announced back in September that actually happened in 2014!! Yesterday they announced another data breach from back in 2013!
What happened? Yahoo discovered the 2013 compromise after analyzing data files law enforcement provided after an unnamed third party claimed to be in possession of Yahoo information. The attackers acquired sensitive information such as user names, dates of birth, phone numbers, and unencrypted security questions that can be used to reset passwords.
According to the NY Times, Yahoo is now doing what they haven’t done in the past. “Yahoo said it is forcing all of the affected users to change their passwords and it is invalidating unencrypted security questions — steps that it declined to take in September.”
It is not clear if this attack affected the same 500 million users that were reported back in September 2016. But what is certain in our eyes is that Yahoo has been maintaining substandard security practices that go back before CEO Marissa Mayer’s placement at the head of the company. Unfortunately security took a backseat because of concerns of added security would make Yahoo! properties & services less desirable than competing properties out there such as Google’s gmail.
If you’re thinking of changing from Yahoo! services, which sites will you start using?