- AirTV is essential for Sling TV subscribers 3 Years Ago
- #ICEBae is reportedly a Democrat–and she has some things to get off her chest Tuesday 8:45 PM
- Fans are stoked that Taika Waititi is back to direct ‘Thor 4’ Tuesday 7:22 PM
- Sacha Baron Cohen thanks ‘co-stars’ Dick Cheney, Sarah Palin for making Emmy nominations possible Tuesday 6:43 PM
- Roger Stone barred from posting on all social media platforms Tuesday 6:03 PM
- The FaceApp challenge shows you how gracefully you’ll age Tuesday 5:16 PM
- Kylie Jenner opens up about her mental health in candid Instagram post Tuesday 4:38 PM
- Fans speculate wildly about Naomi Watts’ ‘Game of Thrones’ prequel role after leaked set photo Tuesday 3:54 PM
- New Jersey congressman joins House Democrats ‘Squad’ because of an Onion article Tuesday 3:09 PM
- Twitter begins rolling out new desktop redesign, and users aren’t happy Tuesday 1:54 PM
- Man asks his girlfriend to ‘unlove’ her ex—and people do not agree with him Tuesday 1:37 PM
- Relive a forgotten gem with the TurboGrafx-16 Mini console Tuesday 1:09 PM
- Judge says Daily Stormer founder must pay $14 million for harassing Jewish realtor Tuesday 1:01 PM
- Graphic depiction of suicide cut from Netflix’s ’13 Reasons Why’ Tuesday 12:55 PM
- Streaming titles seize 2019 Emmy nominations Tuesday 12:19 PM
You need to change your Yahoo password NOW.
Still have a Yahoo account? You’ve probably been hacked—again.
Yahoo on Wednesday afternoon revealed that hackers made off with the user data of more than 1 billion accounts.
The breach occurred in August 2013, according to Yahoo, and is believed to be separate from an earlier intrusion, revealed in September and believed to have been carried out by a state actor, that exposed the accounts of more than 500 million user accounts.
Yahoo says it has not yet been able to identify how the breach of 1 billion user accounts took place.
Yahoo says the data may include “names, email addresses, telephone numbers, dates of birth, hashed passwords … and, in some cases, encrypted or unencrypted security questions and answers.” The company says “passwords in clear text, payment card data, or bank account information” are not believed to be included in the stolen data.
Separately, Yahoo says it discovered efforts to use forged cookies—small bits of data stored in a user’s browser—which the company says is linked to activity carried out by “the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016.”
Yahoo’s chief information security officer Bob Lord wrote in a blog post that the company is taking steps to secure affected users.
We are notifying potentially affected users and have taken steps to secure their accounts, including requiring users to change their passwords. We have also invalidated unencrypted security questions and answers so that they cannot be used to access an account. With respect to the cookie forging activity, we invalidated the forged cookies and hardened our systems to secure them against similar attacks. We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.
Further, Yahoo suggests users “review all of their online accounts for suspicious activity and to change their passwords and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account.”
In fact, it may be time to ditch that Yahoo account altogether.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.