Yahoo has said more than one billion user accounts may have been affected in a hacking attack dating back to 2013.
The internet giant said it appeared separate from a 2014 breach disclosed in September, when Yahoo revealed 500 million accounts had been accessed.
Yahoo said names, phone numbers, passwords and email addresses were stolen, but not bank and payment data.
In the UK, ISPs Sky and BT issued warnings for customers that they may be affected by the breach as Yahoo provides email services for both ISPs. Sky estimates that it had about 2.5 million Sky.com email account holders at the time of the breach. It said not all were affected but would advise everyone with a Sky.com email account to update their password.
BT said it was also carrying out its own investigation but advised the “minority” of its customers who use Yahoo mail to change their passwords.
Steps you can take
If you think you have been affected change your password and security questions for your online accounts. Use three random words to create a strong password. Numbers and symbols can still be used, however three random words is the key to creating a strong and memorable password. Remember to use different password for different online accounts or sites.
- Monitor your account for any suspicious or unexpected activity.
- Be very wary of any emails purporting to come from Yahoo, particularly if they prompt you to click any links, download any attachments or give out any personal information.
- Be wary of anyone calling asking for personal information, bank details or passwords. If in doubt, just hang up.
- Watch out for signs of identity crime. Visit Experian, Equifax or Noddle to check your credit rating to make sure no one has applied for credit in your name.
- For online safety advice visit Get Safe Online and Cyber Aware.
- If you are generally concerned, you can look on services like haveibeenpwned.com to see if your username or email address has been involved in a breach. You should definitely take action if you are listed, but services like this are not 100% accurate
Security experts also recommend that people use a simple password manager program such as Password Chef, LastPass or 1password (others are available).
Complete the new 2016 Cyber Crime survey, so we can see the full scope of Cyber Crime in Warwickshire, and across West Mercia and the West Midlands – https://www.surveymonkey.co.uk/r/RegionalCyber16
For more information about our work, please visit www.safeinwarwickshire.com/cybercrime
Cyber Aware is a cross-government campaign, funded by the National Cyber Security Programme. They aim to measurably and significantly improve the online safety behaviour and confidence of consumers and small businesses (SMEs).
Get Safe Online is the UK’s leading source of factual and easy-to-understand information on online safety. Their website offers advice on how you can protect yourself, your computers and devices, and your business against the likes of fraud, identity theft, viruses and other potential online problems.