Byte Me Article 303 – Yahoo Security Breach

17th December 2016

Yahoo Hack Timely Reminder

The latest big news in the IT industry is the reports circulating of security breaches at Yahoo. These reports are now confirmed, and approximately 1 billion people with Yahoo accounts have had a certain amount of private information accessed by hackers.

Yes, you did read those numbers correctly – around 43 times as many people as the entire population of Australia have had some private information accessed, and this happened sometime back in 2013. The numbers and timeframes involved here are simply unfathomable.

So why has it taken so long for this breach to surface? Apparently Yahoo had no knowledge of this breach until a third-party security firm approached them with evidence of the breach! So what information was accessed? Yahoo users' email addresses, email passwords, telephone numbers, birthdates and some of the supplementary security questions and users' answers.

Yahoo is now contacting affected customers and getting them to change their passwords, as well as urging them to look back through financial info such as credit card statements to see if they notice any fraudulent transactions. If you have a Yahoo account then you should also be changing passwords and doing your own research on how this could affect you.

This breach is now being touted as the largest single Internet-based breach in history, but I see it as a timely reminder of how the Internet potentially connects all of us with cyber criminals from all walks of life and their desire to fleece money from us.

In fact I believe there is little difference between these cyber criminals operating outside of the law and the influx of ‘legitimate’ or ‘semi-legitimate’ Internet-based companies that openly vie for subscription-based income for services that often offer dubious worth.

Some of these agencies include bogus anti-virus companies, anti-malware companies and software subscriptions for programs that are normally free. I am not suggesting that unique or worthwhile software should be free, but there is an increasingly wide grey area between legitimate and non-legitimate subscription software.

What can be learnt from the Yahoo experience? In general we all need to remain vigilant about Internet security and all IT-related security. We need to keep our systems patched with the latest updates. Even if these updates sometimes cause us some application grief by stopping something from working until a tech sorts it – this is still way better than the experience of being hacked.

We should all keep a paper notebook in a safe place with our Internet-related usernames and passwords – or a password-protected Word document. We should also change our passwords at least once a year and we should never have the same password for everything.

Apart from the above, also keep a single good anti-virus installed and refrain from opening email attachments from unknown sources. Also be prepared to hang up on the many phone callers who pretend to be from a legitimate source such as BigPond and insist that they need access to our PC because it already has viruses.

Companies such as BigPond and Microsoft are hard enough to contact in the first place for help – they are hardly going to go looking for work and call us!

Bruce can be contacted on 49 222 400 and Kerr Solutions is at 205 Musgrave St, North Rockhampton.
