I saw a message about it when I logged a few days ago, and immediately updated my KeePass2 then my Yahoo! password. That’s the second change in as many months, out of an abundance of caution. As far as any other data Yahoo! may have had, pretty much all of it is discoverable, because alas, until recently when I began using KeePass*, I could not remember any lies to “security questions.” (Now of course the lies are easy because I just add them as either attributes or notes in the KeePass2 record.)
Where are the system administrators when these hacks are going on? It would seem like 1 billion profiles being accessed would take a lot of internet traffic. Far more than what would be a normal amount. Shouldn’t that raise a few flags?
I have several Yahoo! accounts, being the administrator for several Yahoo! groups, and also a member of other groups. In my case, I think the only thing of importance would be the usernames and passwords I have used, and maybe the email addresses I’ve supplied.
Yahoo! is supposed to be contacting the users that had their information compromised, and so far I’ve heard nothing. Do they really know which records were accessed? Or is this a ploy to get in the news?
Don’t give out more info then you have to, and as the Sound Bytes crew has said before, don’t reuse usernames and passwords on different sites. Of course it doesn’t help that Facebook, Apple and Google are pushing us to use a single identity for everything. Usually when creating an account I’ll make up a fake name and fake whatever other date they want. Unless you’re ordering something, then you kinda have to give them real info.
As I understand it this happened a few years ago. The last time I changed my Yahoo password was two months ago. So it doesn’t seem to me that I need to change it again since any password they got back then are way out of date. Am I wrong?