 "How to protect yourself after the Yahoo! attack")
How do I know if my personal information was stolen?
Assume it was.
Yahoo! said it had begun notifying potentially affected users, but its breach was huge, and similar attacks and smaller thefts happen all the time.
Should I change my password?
The first step, as always, is to change passwords for sites that contain sensitive information like financial, health or credit card data. Do not use the same password across multiple sites.
How do I create stronger passwords?
Try a password manager like 1Password or LastPass.
These sites create a unique password for each website you visit and store them in a database protected by a master password that you create. Password managers reduce the risk of reused passwords or those that are easy to decode.
If you must create your own passwords, try creating long, complex passwords consisting of nonsensical phrases or one-sentence summaries of strange life events and add numbers and special characters.
Are passwords enough?
Passwords are not enough. If a site offers additional security features, like secondary or two-factor authentication, enable them.
Then, when you enter your password, you will receive a message (usually a text) with a one-time code that you must enter before you can log in.
Many bank sites and major sites like Google and Apple offer two-factor authentication. In some cases, the second authentication is required only if you are logging in from a new computer.
How can I stop my information from being stolen in the first place?
Increasingly, you cannot. Regularly monitoring your financial records can help minimize the damage if someone gets your information. But only the companies storing your personal data are responsible for securing it. Consumers can slow down hackers and identity thieves, but corporate computer security and law enforcement are the biggest deterrents.
What if you have changed your password after the breach happened but before it was disclosed?
The Yahoo attack happened two years ago but was disclosed only this week. Even if you changed your passwords recently for other websites, chances are at least some of them are similar to the password linked to your Yahoo account two years ago.
To play it safe, you should change your passwords, starting with your most sensitive accounts, including your online banking account.
Assume it was.
Yahoo! said it had begun notifying potentially affected users, but its breach was huge, and similar attacks and smaller thefts happen all the time.
Should I change my password?
The first step, as always, is to change passwords for sites that contain sensitive information like financial, health or credit card data. Do not use the same password across multiple sites.
Also Read
How do I create stronger passwords?
Try a password manager like 1Password or LastPass.
These sites create a unique password for each website you visit and store them in a database protected by a master password that you create. Password managers reduce the risk of reused passwords or those that are easy to decode.
If you must create your own passwords, try creating long, complex passwords consisting of nonsensical phrases or one-sentence summaries of strange life events and add numbers and special characters.
Are passwords enough?
Passwords are not enough. If a site offers additional security features, like secondary or two-factor authentication, enable them.
Then, when you enter your password, you will receive a message (usually a text) with a one-time code that you must enter before you can log in.
Many bank sites and major sites like Google and Apple offer two-factor authentication. In some cases, the second authentication is required only if you are logging in from a new computer.
How can I stop my information from being stolen in the first place?
Increasingly, you cannot. Regularly monitoring your financial records can help minimize the damage if someone gets your information. But only the companies storing your personal data are responsible for securing it. Consumers can slow down hackers and identity thieves, but corporate computer security and law enforcement are the biggest deterrents.
What if you have changed your password after the breach happened but before it was disclosed?
The Yahoo attack happened two years ago but was disclosed only this week. Even if you changed your passwords recently for other websites, chances are at least some of them are similar to the password linked to your Yahoo account two years ago.
To play it safe, you should change your passwords, starting with your most sensitive accounts, including your online banking account.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →*Subscribe to Business Standard digital and get complimentary access to The New York Times
Smart Quarterly
₹900
3 Months
₹300/Month
SAVE 25%
Smart Essential
₹2,700
1 Year
₹225/Month
SAVE 46%
*Complimentary New York Times access for the 2nd year will be given after 12 months
Super Saver
₹3,900
2 Years
₹162/Month
Subscribe
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app
SAVE 25%