Have a Yahoo account? Now might be a good time to change your password.
The company has confirmed that account information for “at least 500 million user accounts” was stolen in late 2014. Yahoo believes this was the result of a state-sponsored action, and that compromised data could include names, email address, hashed passwords, phone numbers, birthdates, and other data, including security questions and answers.
Yahoo says it’s possible that even if some of your data was stolen, not all of the above elements were included. And there’s no evidence that unprotected passwords, credit card, or bank account data was stolen.
Still, it’s probably a good idea to chance your password. Note that Yahoo should be sending an email to users that may have been affected and that there should be no links to click in that email. If you get an email asking you to click a link to change your password or to enter your account information to see if you were affected, it probably means someone’s trying to steal your data now.
You can see a copy of the email Yahoo is sending to users in your region at the company’s website.
In addition to recommending users change their passwords, Yahoo has invalidated unencrypted security questions and the company says it’s working to improve systems for detecting unauthorized access to user accounts.
I bet Verizon is thrilled right now about its recent decision to acquire Yahoo for $4.8 billion.