On Thursday, Sept. 22, Yahoo announced a massive data leak that could have affected at least 500 million users. The breach in information included users' email addresses, names, phone numbers, birthdays, and other sensitive information. If you are a Yahoo user and are afraid your information may have been jeopardized, here's how to tell if your Yahoo accounts have been hacked and what to do about it.
Yahoo suggested that the data breach occurred in 2014 and may have been associated with a "state-sponsored actor," though there is little information at this time as to who may be behind the leak and for what purpose. If you're worried you may have been affected, have no fear, Yahoo will have notified you. According to their press release, the company noted that it "is notifying potentially affected users and has taken steps to secure their accounts."
Due to the seriousness of the data leak, as well as the importance of ensuring that your online information is secure, if you receive an email from something claiming to be Yahoo, make sure to verify that it is, in fact, the company. You don't want to be the victim of a phishing scam in case it's not Yahoo who sent a notice.
Yahoo's press release noted that the company was investigating the situation and working closely with law enforcement to do so. However, the company also noted that it's unlikely that the hacker no longer has access to its networks or services. The company added that it has worked to create a program to identify similar threats, noting, "Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account."
If you're concerned about your Yahoo account, the first thing you should do, even before reading any emails from the company itself is change your password, and make sure that you are using different passwords for different websites. If you are interested in extra security steps for your Yahoo account, you can turn on the two-factor authentication, which requires you to use your mobile device every time you log in.
Anyone who has a Yahoo account should probably change their password, whether your account was hacked or not. If you use the same password for multiple sites, change those passwords, too.