Bahoo, WhoKnew? Yahoo!

Just as we were about to update you on the latest news about the ‘Shadow Brokers’ leaked NSA attack exploit warez  – KAPOW! Yahoo admits that it was breached to the tune of 500,000,000 user account details in 2014.

Grist to our mill. Unfortunately.

Of course like all of these mahoosive breaches, this one raises almost as many questions as credentials lost. Ok that is an exaggeration, but you do have to ask yourself how come it has taken them so long to ‘fess up? Have they really only just found out about this or have they been backed into a corner by parties unknown?

Did they really have half a billion subscribers?

Not to mention what is this going to do to the $4.8 Beelion that Verizon has offered for this lean mean machine being expertly piloted through the choppy Google seas by Captain Marissa Mayer, who has presumably been on the horn to Talk Talk’s Dido Harding, Jan Martel, Bear Grylls and any other survival specialists in her Rolodex.

Not to worry caller, Yahoo takes your privacy seriously and does not believe that credit cards or bank details were included in the breach leaving just, err, names, passwords, email addresses, phone numbers and security questions.

No biggy.

Security questions – hmm, doesn’t that mean that someone can reset your online passwords for other services if you use the same questions? Yes it does, and probably stand a better chance than you because we bet you cant even remember the answers.

The usual precautions apply. Be very cautious about anything you receive purporting to be from Yahoo. If you haven’t changed your online passwords since 2014, have a little word with yourself and sort it out. Most importantly – ENABLE MULTIFACTOR AUTHENTICATION on everything you can. Might be a good idea to change your security questions while you are about it, even our first dog ‘Tollwut’ thought this was a good idea.

Going back to the NSA debacle, the story we are now being fed from ‘numerous sources’; The NSA wasn’t hacked, rather a staff member left the materiel on a server after an operation, told the agency who have sat on it. You can read the latest here.

We are off to exercise our Unicorns.

If you would like to discuss more amazing stories from the security world or get some straightforward, actionable advice, please contact us at: [email protected] or call us on 020 7517 3900.