Yahoo expected to confirm massive data breach

Yahoo is expected to announce a “massive” data breach soon. Although the news is not yet confirmed, you should be proactive and check the security of your Yahoo account.

Yahoo expected to confirm massive data breach

Yahoo is expected to announce a “massive” data breach ahead of its impending sale to Verizon. Although the news is not yet confirmed at the time of this posting (several sources close to the situation have raised the alarm), it’s a safe bet that confirmation is just around the corner.

A hacker called Peace is claiming responsibility. The breach, which was first noticed in the summer, hasn’t been officially confirmed by Yahoo; however, if it is, it’ll sit alongside some of the largest breaches in recent times.

It comes at a sensitive time for Yahoo. The company is currently finalizing plans for its sale to telecom giant Verizon, so news like this won’t go over well. Until details are released about the breach, it will be difficult to see just how much data the hacker has.

Even though the breach is yet unconfirmed, we urge users to reset their passwords as soon as they can. You can learn how to create complex passwords by using our password checker, and as we always say: Make sure you enable two-step authentication!

Update: it’s confirmed

Yahoo says: “We have confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.”

“First, do not fall for social engineering schemes that will follow this incident. Everyone should be aware that any breach notice that Yahoo! emails out will go only to their email service users, and it will not provide links to click on, include any attachments, and will NOT ask for personal information.”

In the meantime, if you are using a Yahoo! email account, it’s a good idea to set up a “Yahoo account key,” which removes the need to enter passwords and enables a level of two factor authentication,” says Kurt Baumgartner, principal security researcher, Kaspersky Lab.

How connected cars should handle security

What is the fundamental difference between Auto 2.0 and Auto 3.0? Technically, they’re the same. From the viewpoint of the car owner, however, the connection of one or more electronic units to the Internet provides pleasant and useful services — as well as Internet access while en route. But to a cybersecurity expert, the difference is huge: remote access to a car and its internal systems is bound to have major consequences.

Tips