Youâve probably already heard that Yahoo suffered a massive data breach in which hackers accessed passwords and personal information for 500 million users back in late 2014. But 2014 was ages ago. And you havenât used a Yahoo account in years (who has?!). So why should you care about hacks like this? Here are 3 very good reasons.
1. Weâre all reusing passwords
Hopefully you already know that itâs a terrible idea to reuse passwords across sites or services. While us geeks get that we shouldnât be using the same password across multiple services, almost all of us are doing it anyway.
Hereâs security expert Dr Jessica Barker to remind you why thatâs bad:
“If your Yahoo password is cracked and youâve used it for other accounts, those accounts can be accessed too. My research suggests that at least 62% of people in the UK use the same password for more than one account, so this is a real problem.”
Think long and hard about the passwords youâve used over the years. If you were using the same passwords across multiple sites back in 2014, this breach has put you at risk. Even if not, if youâre reusing passwords anywhere, itâs time to invest in a good password manager.
2. Security questions are the passwords you never change
Even if youâre one of the clever people who has a unique password for each site or service, the security questions designed to help us when we forget those passwords can put you at risk. While youâve been changing your passwords, your motherâs maiden name hasnât changed. And Mr. Business remains your first pet.
âItâs Mr Jim Business, you need to use his full name!â
When hacks like this one expose security question data, it can put any account that uses the same security questions at risk. While the process to change your password is usually visible and easy to complete on most sites, changing your security questions may not be as simple. If thereâs no obvious way to change your settings, contact the service to see if theyâll help you. [Ed: and if they wonât, Twitter-shame them! Security is important!]
You donât have to (and probably shouldnât) set your answers to security questions to something true. For added safety, use a password manager to save a unique answer for each site. Why yes, my motherâs maiden name was “W7dlnsgkl^/,” why do you ask?
3. Abandoned accounts are filled with personal data
You havenât thought about your old Yahoo mail account in years. But did you delete it? Abandoned accounts that havenât been deleted or deactivated live on, with the information they contain vulnerable to direct attacks on the service provider or when a security question or shared password is obtained from an attack on another provider.
Financial details, information about your property, emails from old breakups, embarrassing photos from your emo phase - these old accounts can hold information that can be valuable for hackers and damaging or humiliating for you. You can manage these risks by deleting or deactivating accounts you no longer use. Even if you canât think of anything that might be dangerous in that old Yahoo account you had, itâs probably a good time send all those potential security issues off to live on a farm in the country.
Want to know more about password security? Check out LastPassâs top 5 tips.
Main image: Pexels