We were disappointed, but not surprised, to learn again recently that many millions of people had their personal information compromised in a hack of Yahoo accounts.

The company said it believes a state-sponsored hacker is behind the attack on 500 million Yahoo users. The information gained by the hackers includes, but is not limited to names, email addresses, telephone numbers, dates of birth and encrypted and unencrypted security questions and answers.

The company's ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected.

The hack occurred in 2014, and may be the largest in U.S. history. It came to light after someone called "Peace" began trying to sell Yahoo account information on the "Dark Web" in August 2016.

"We take these types of breaches very seriously and will determine how this occurred and who is responsible," Yahoo said in a media release about the hack.

In the wake of the attack, Yahoo has invalidated unencrypted security questions and answers so that they cannot be used to access an account. The company is also asking potentially affected users to change their passwords. Users are also asked to:

  • Review their online accounts for suspicious activity
  • Change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account
  • Avoid clicking on links or downloading attachments from suspicious emails and that they be cautious of unsolicited communications that ask for personal information
  • Consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.

This latest large-scale hack, is yet another example of the importance of creating complex passwords, changing them often and not using the same passwords across multiple accounts.  Hackers are working around the clock to gain access to all of your personal information and sell it to anyone who will pay for it, and picking up the pieces after the theft of your identity can take years.

At Chicago IT consulting company, Business Knowledge Systems, we see problems with user ID and password information almost every day. If you're a small to medium-size business with little or no IT or email protection, it's only a matter of time before your system is hacked and your information compromised.

In addition to email maintenance services our all-in-one IT services include:

  • Proactive monitoring and preventative maintenance
  • Daily or weekly spam reports
  • Vulnerability management
  • Installation and maintenance of nationally branded spam filters
  • Advanced endpoint management
  • Managed firewalls, virtual private networks (VPN), anti-virus programs

About Chicago IT consultant BKS

BKS has been an award-winning Chicago IT consulting company for over 15 years. We are a provider of all-inclusive IT services for businesses in a number of sectors, including banking, transportation and logistics and healthcare. If your company is in need of our services, contact BKS today or call 630-357-8385.