Yahoo Data Breach

close-up of the Yahoo! company sign, out front of their office, with grass in the foreground


On September 22, 2016, Yahoo announced that more than 500 million accounts were compromised.  The data breach included email addresses, telephone numbers, dates of birth, passwords, and in some cases, security questions.

The news of yet another data breach reminds us of how important it is to secure our personal data.  There are specific steps to consider for those involved in the Yahoo email breach, but the reality is that many of these steps are good practices for anyone.  Here are a few to consider:

  • Change all your passwords regularly.  Smart account management should include complex passwords that are changed regularly.  Consider making your passwords for financial accounts different than your email passwords, and make them as intricate as possible by including letters, numbers and symbols.
  • Update security questions.  Do not use security answers on bank accounts that you might use on other non-financial accounts.
  • Is it email, text or phone phishing?  Once fraudsters gather identifying information, they usually send official-looking texts, emails or phone calls to gather more data.  If you click on a link or respond to a text from an unfamiliar source, it may allow the fraudster to implant malware or viruses on your phone or computer.  Never click on any links in emails or respond to unknown senders of text messages.  If you receive something of concern that looks official, go to that business’s secure website to get the correct phone numbers to call and inquire about messages you have received.
  • Manage email regularly.  Because emails can contain a lot of personal information about you, like banking confirmations, make sure to delete email confirmations and try not to use email to send or store personal documents such as tax returns or loan documents.
  • Beware of phone scams.  If you receive a call from a bill collector or other source soliciting you for money on a past due bill, you need to validate the debt.  Earlier this year, the common scam involved fraudsters pretending to be the IRS and collecting thousands of dollars from victims that had their personal data compromised.  Always confirm debts with creditors directly and remember that most of the time you should receive a letter in the mail before a phone call.
  • When services allow for it, block personal information, like your date of birth.  Do not leave this information easily accessible to dishonest people who might be gathering information.

If you think you are a victim of the data breach or have a concern about how to best protect yourself, call a Money Coach for more information about identity monitoring services.