- Vibe TV puts a premium price tag on piracy 2 Years Ago
- Twitter unites in collective confusion over ‘Democrats for Trump’ trending Saturday 2:28 PM
- YouTube star tweets and deletes video of his Black cousin ‘Peanut’ acting as a stool Saturday 1:04 PM
- The ‘Do you wash your legs in the shower’ debate has now escalated to feet Saturday 12:20 PM
- Donald Trump posted a world-class golf score, and the internet laughs at him Saturday 10:46 AM
- Lili Reinhart dragged the ‘Game of Thrones’ petition, sparking debate about TV and ‘fan service’ Saturday 9:42 AM
- How to stream UFC Fight Night 152 for free Saturday 8:00 AM
- People keep calling the ‘Game of Thrones’ creators by their initials—and it’s confusing D&D players Saturday 8:00 AM
- After infidelity and abuse accusations, ProJared said his wife wanted an open marriage Saturday 7:40 AM
- ‘Jailbirds’ prioritizes petty drama over insight Saturday 7:30 AM
- How to stream Deontay Wilder vs. Dominic Breazeale for free Saturday 7:00 AM
- How to live stream Josh Taylor vs. Ivan Baranchyk on DAZN Saturday 6:00 AM
- Kim Kardashian West reveals her and Kanye’s 4th child is named Psalm Friday 6:38 PM
- Tan France and Alexa Chung are hosting Netflix’s first fashion show Friday 5:42 PM
- Nonprofit groups express concern with pop-up abortion networks Friday 5:06 PM
You need to change your Yahoo password NOW.
Still have a Yahoo account? You’ve probably been hacked—again.
Yahoo on Wednesday afternoon revealed that hackers made off with the user data of more than 1 billion accounts.
The breach occurred in August 2013, according to Yahoo, and is believed to be separate from an earlier intrusion, revealed in September and believed to have been carried out by a state actor, that exposed the accounts of more than 500 million user accounts.
Yahoo says it has not yet been able to identify how the breach of 1 billion user accounts took place.
Yahoo says the data may include “names, email addresses, telephone numbers, dates of birth, hashed passwords … and, in some cases, encrypted or unencrypted security questions and answers.” The company says “passwords in clear text, payment card data, or bank account information” are not believed to be included in the stolen data.
Separately, Yahoo says it discovered efforts to use forged cookies—small bits of data stored in a user’s browser—which the company says is linked to activity carried out by “the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016.”
Yahoo’s chief information security officer Bob Lord wrote in a blog post that the company is taking steps to secure affected users.
We are notifying potentially affected users and have taken steps to secure their accounts, including requiring users to change their passwords. We have also invalidated unencrypted security questions and answers so that they cannot be used to access an account. With respect to the cookie forging activity, we invalidated the forged cookies and hardened our systems to secure them against similar attacks. We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.
Further, Yahoo suggests users “review all of their online accounts for suspicious activity and to change their passwords and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account.”
In fact, it may be time to ditch that Yahoo account altogether.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.