A hacker responsible for dumping hundreds of millions of MySpace, Tumblr, LinkedIn and other credentials online in recent months has now reportedly put up for sale 200 million Yahoo log-ins.
The individual is selling the same combination of usernames, passwords, dates of birth, and in some cases email addresses.
The data is being sold on the same underground marketplace, although it’s unclear whether all of the credentials are up-to-date or how they were obtained.
Yahoo has released a statement saying it is “aware” of the incident, although the firm has yet to initiate a user-wide password reset.
“We are committed to protecting the security of our users’ information and we take any such claim very seriously. Our security team is working to determine the facts. Yahoo works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”
A Statement from Yahoo
If you have any concern regarding this leak, it is best to reset all your passwords for your online accounts – especially if you are aware that they may have been compromised in some form by the breaches.
General Online Safety Advice Sources
For more information about our work, please visit www.safeinwarwickshire.com/cybercrime
Be Cyber Streetwise is a cross-government campaign, funded by the National Cyber Security Programme. They aim to measurably and significantly improve the online safety behaviour and confidence of consumers and small businesses (SMEs).
Get Safe Online is the UK’s leading source of factual and easy-to-understand information on online safety. Their website offers advice on how you can protect yourself, your computers and devices, and your business against the likes of fraud, identity theft, viruses and other potential online problems.