One billion Yahoo accounts stolen; now being sold on dark web

Rafagon

Genius
Gold
Dec 7, 2011
7,566
1,254
113
44
Miami, Florida
#1
Unless you’ve been intentionally avoiding headlines for the past couple of days, you already know that one billion Yahoo accounts were stolen right from under its nose. This is separate and distinct from the theft of “at least” half a billion accounts previously reported by Yahoo. This is a major embarrassment for the already enfeebled company that has been surpassed ten times over by Google.

Now, things have taken a turn for the worse. The data from the recent breach has gone over to the dark side. Yes, all those accounts are being sold on the dark web, according to an article on the New York Times.

It goes without saying that if you re-use passwords across different sites, and one of them was Yahoo, then you should be changing those passwords. The stolen passwords were encrypted using a hash function called MD5, which is an outdated and highly vulnerable form of cryptography. Hackers will be able, fairly easily, to crack those encrypted passwords.
 

Ledsteplin

Genius
Gold
Oct 29, 2013
4,817
985
113
65
Florence, AL
#2
The only thing Yahoo I have is Yahoo Sports. If they want to check some scores, they're welcome to do so. Yahoo doesn't make it easy to change a password. And they have that ridiculous account key thing that makes no sense. I can't see that it works. SMH
 

RoofMonkey

Genius
Gold
Jun 21, 2010
8,871
2,048
113
Florida
#3
The only thing Yahoo I have is Yahoo Sports. If they want to check some scores, they're welcome to do so. Yahoo doesn't make it easy to change a password. And they have that ridiculous account key thing that makes no sense. I can't see that it works. SMH
Its not that difficult to change the password:
Go to the Yahoo Account Info page.
(Mobile web browser only) tap the Menu icon .
Click Account Security.
Click Change password.
Enter and confirm your new password.
Click Continue. - A confirmation appears.
Click Continue to finish.
 

Rafagon

Genius
Gold
Dec 7, 2011
7,566
1,254
113
44
Miami, Florida
#4
The only thing Yahoo I have is Yahoo Sports. If they want to check some scores, they're welcome to do so. Yahoo doesn't make it easy to change a password. And they have that ridiculous account key thing that makes no sense. I can't see that it works. SMH
The hackers don’t care that all you use with Yahoo is Yahoo Sports. As long as you created a Yahoo! account, that username and associated credentials is what they’re after, and if you have nothing worthwhile on Yahoo, they may attempt to log into other sites with those credentials. If you used the same password elsewhere, they’ll take advantage of that. I’d follow the steps RoofMonkey outlined, and, if re-used from your Yahoo account, proceed to change the password elsewhere.
 

Ledsteplin

Genius
Gold
Oct 29, 2013
4,817
985
113
65
Florence, AL
#5
The hackers don’t care that all you use with Yahoo is Yahoo Sports. As long as you created a Yahoo! account, that username and associated credentials is what they’re after, and if you have nothing worthwhile on Yahoo, they may attempt to log into other sites with those credentials. If you used the same password elsewhere, they’ll take advantage of that. I’d follow the steps RoofMonkey outlined, and, if re-used from your Yahoo account, proceed to change the password elsewhere.
Not used anywhere else.