Yahoo announced late yesterday that their servers have been victim to yet another security breach, this time affecting over one billion (that’s billion, with a B) Yahoo user accounts. Yahoo has not as of yet been able to identify the intrusion associated with this latest security breach. This means they don’t know who broke in nor how they did so.
From their statement:
As Yahoo previously disclosed in November, law enforcement provided the company with data files that a third party claimed was Yahoo user data. The company analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.
If you or anybody you know uses Yahoo’s services in any way, it is HIGHLY recommended that you take steps now to protect yourself. Change your password, update security questions, and watch every account you had tied to Yahoo’s email or other services. If you used your Yahoo account credentials on any other site or used the same username / password combination on other sites, it is STRONGLY recommended that you change the password and security questions for those accounts as well.
Yahoo has created a FAQ page providing more information and steps you can take to protect yourself