Yahoo Security Failed

CNN has reported that there was again a security breach on online email accounts. A total of more than 450,000 usernames and password were compromised in the breach. Different websites report slight differences in the actual figures. Though headlines prominently mentioned Yahoo where 135,599 emails were affected,  there are other affected accounts from different email providers that 106,185 came from gmail.com; 54,393 from hotmail.com, 24,677 from aol.com, 8,422 from comcast.net and 6,282 msn.com.


There are posts suggesting to check whether your yahoo account is part of the 450,000 accounts that were compromised at http://www.pbs.org/newshour/rundown/2012/07/check-whether-your-yahoo-password-was-hacked.html or check the entire file at http://d33ds.co.nyud.net/archive/yahoo-disclosure.txt but I don't recommend visiting the site. Instead of spending your precious minutes checking whether yours is one of the emails that got compromised, go ahead and open your account.

If you have think or have doubts that your account is compromised, just take the necessary steps in checking the security of your email accounts. Here are some tips:
  1. Use passwords that are at least 8-characters, combination of uppercase and lowercase letters and numbers.
  2. Use different passwords for different websites.
  3. Do not store your passwords inside your email accounts.
  4. Do not use personal information in your passwords.
  5. Do not choose answers to security question that can be found in your biodata/resume. There's no rule that your security question must be answered truthfully. What is important is that you remember the answer you provided.
  6. Change your passwords often, as often as every month or every 90-days.
  7. Do not open attachments from unknown senders. Take extra precaution when opening attachments from contacts, their accounts might have also been compromised.
  8. Install reliable antivirus programs.
For Gmail, there is a 2-step verification system wherein you need the code sent to your mobile number everytime you open email account.

Unfortunately this time, it was not entirely the fault of the email users. The group of seven hackers who called themselves D33Ds  attacked Yahoo's database using SQL injection. What's worst is that it was reported that the passwords were not encrypted as presumed. Rather, the passwords were in plain text that even an elementary student can read. According to the hackers, they posted the emails with the corresponding passwords on a website to inform Yahoo that it's security has failed again.



Comments

Popular posts from this blog

Asus Intel Core i7-6700HQ Processor 2.6GHz P3,000 OFF

Earn Money with your Photobucket Account

It's My Market