Last night Yahoo announced another huge data breach, this one dating from 2013 and including information from 1 billion accounts. The information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5 so pretty trivial to crack) and, in some cases, encrypted or unencrypted security questions and answers. This follows the news in September of this year that information associated with 500m Yahoo accounts was breached in 2014.
I did a few radio interviews on the story this morning but wanted to expand on my thoughts. I made a video earlier in which I talk about:
– details of the breach
– the label ‘biggest known data breach’
– whether it could be state-sponsored
– what to do to better protect your online accounts
See what I have to say about this news and feel free to comment or ask questions, twitter is usually the best place to reach me.