You may have heard the news that was just released regarding a massive security breach at Yahoo. The breach took place at the end of 2014, and so far we know that at least 500 million user accounts were stolen. Yahoo is one of the original internet giants, and as such has a massive network presence and a global reach. The breach is being called the largest of its kind ever, and is believed to have been initiated by state-sponsored Russian hackers.
So, with news of security breaches large and small popping up almost daily, what does this breach mean to you? Symplexity’s Security Practice Manager, Ross Filipek, CCIE, shared some thoughts on the implications, along with best-practice tips for protecting your online identity if you suspect your data was among the stolen accounts.
Were you affected? Here’s what you should do.
First of all, stories like this are a great reminder of the importance of using strong, different passwords across your various internet accounts.
“Many Yahoo users use the same passwords for their other accounts (e.g., Amazon, Facebook, eBay, etc.),” Filipek said. “According to a recent study by TeleSign, some 73% of online accounts use passwords that are duplicated among other accounts. Obviously, those passwords need to be changed immediately as well.”
While changing those passwords, consider taking advantage of any additional security layers offered, as well, such as two-factor authentication.
“Attacks like these underscore the value of multi-factor authentication controls in which a user must both know something (e.g., a password) and possess something (e.g., a software token) before he or she can successfully authenticate to a system,” Filipek added. “Even if a user’s password is compromised, the attacker would still need to steal the software token before he or she could access the user’s account.”
See “How Two-Factor Authentication Can Keep You Safe” from the ENS Blog for more information on how this can help protect you.
While Yahoo isn’t disclosing exactly how the attacker infiltrated the network, it was most likely a phishing message targeted at a Yahoo employee. The message likely contained either a malicious attachment or a link that then downloaded malware. Given that the breach dates back to 2014, that means data was being collected for over two years. We don’t know how long Yahoo has been aware of the breach, but it’s safe to say it went unnoticed for some time.
This goes back to one of the basics of the Symplexity Layered Security Approach: Penetration Testing and Social Engineering. Your employees are the first line of defense against attacks like this; invest in end user training, such as Phishnet by KnowBe4, to be sure they are able to identify a suspicious email when they receive it.
In addition to Symplexity’s recommendations, Yahoo provided the following suggestions in the wake of this breach:
- Users should change their passwords and security questions and answers for both Yahoo and any other accounts where they used the same passwords or similar security information.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.
- Avoid clicking on links or downloading attachments from suspicious emails.
- Additionally, please consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.
Don’t let security gaps cause problems for your organization or clients. Contact Symplexity today to schedule a FREE consultation with one of our technology specialists.