Yahoo security breach

Page may contain affiliate links. Please see terms for details.
Chris S

Chris S

Legendary Member
Location
Birmingham
I've just had an email from Yahoo informing me that their systems suffered a security breach at the end of 2014. They've also advised me to:
  • Change your password and security questions for any other accounts on which you used the same or similar information used for your Yahoo account.

  • Review your accounts for suspicious activity.

  • Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.

  • Avoid clicking on links or downloading attachments from suspicious emails.
I think they're about 2 years too late.
 
Andrew_Culture

Andrew_Culture

Internet Marketing bod
Location
The People's Republic Of Suffolk.
It's weird that it's taken two years!

Here's hoping Altavista and HotBot aren't holding back any info like this ;)
 
keithmac

keithmac

Guru
I had a lovely spam free email address for 10+ years before a company too lax in their data security manged to advertise it to the nation.

Why can't email addresses be encrypted as well as the passwords when signing up?.
 
Tin Pot

Tin Pot

Guru
keithmac said:
I had a lovely spam free email address for 10+ years before a company too lax in their data security manged to advertise it to the nation.

Why can't email addresses be encrypted as well as the passwords when signing up?.
Click to expand...
You mean in storage?

Email addresses are public information, otherwise they wouldn't work.

The other companies have also been breached, they either know it and have been in the news or they don't know it yet.
 
keithmac

keithmac

Guru
Tin Pot said:
You mean in storage?

Email addresses are public information, otherwise they wouldn't work.

The other companies have also been breached, they either know it and have been in the news or they don't know it yet.
Click to expand...

Yes in their own databases.
 
jefmcg

jefmcg

Guru
Location
The dark heart of the former British Empire
Tin Pot said:
Email addresses are public information, otherwise they wouldn't work.
Click to expand...
That's not true. You can send an email to <anything>@company.com. The company can then decide what to do with that email. They can bin it silently, they can return it to you with an error message, they can route it the recipient. They can forward it on to a different address. There is no need for email addresses to be public.

(I run my own server and accept any mail addressed to it. I don't have to publish a list created by infinite monkeys of all possible email address.)
 
jefmcg

jefmcg

Guru
Location
The dark heart of the former British Empire
Yahoo's security people are morons. I had several accounts with them, and didn't answer the security questions (or just put in a random sequence of letters) so I wouldn't create a back door to my accounts, as I was not going to lose the passwords. So later on I tried to get back into my account. If I had lost the password, I could have used the security question to reset the passwor. However, even though I still had my password it wouldn't let me back into the account until I answered the security question. So I couldn't log back into the account despite having the password, but (assuming I had answered the security question honestly) an acquaintance could as long as they knew where I went on my honeymoon - and most people post that on facebook these days.
 
You must log in or register to reply here.

Similar threads

P
Big Brother or Security Risk ... Strava
Replies
4
Top Bottom