NEW YORK (AP) – Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013.
The Sunnyvale, California, company says it’s a different breach from the one it disclosed in September, when it said 500 million accounts were exposed. That new hack revelation raises questions about whether Verizon will try to change the terms of its $4.8 billion proposed acquisition of Yahoo.
Yahoo says the information stolen may include names, email addresses, phone numbers, birthdates and security questions and answers. The company says it believes bank-account information and payment-card data were not affected.
Ohio Attorney General Mike DeWine offered the following tips to those whose information may have been stolen:
- Change your passwords and your security questions and answers. In addition to changing your Yahoo account passwords, change passwords for other accounts too, if you used the same password for those accounts. Create a different password for each account. Similarly, change security questions and answers.
- Use complex passwords. A password should be lengthy and contain multiple different characters, such as a variety of numbers, letters, and symbols. To help create such a password, consider taking a sentence you can remember and adding multiple different numbers and symbols throughout. Update your passwords regularly.
- Consider using two-factor verification. Two-factor authentication requires a password and another step to verify your identity. For instance, some sites may require a password and then ask you to enter a unique code to access your account. This adds a second line of defense.
- Monitor your bank accounts. Look for suspicious activity. If you find errors, immediately notify your bank or credit provider.
- Check your credit report. Monitoring your credit report can help you identify signs of potential identity theft. You are entitled to one free credit report per year from each of the three major credit reporting agencies. Visit www.AnnualCreditReport.com to access those reports. You can pull all three at once, or you can stagger pulling your reports throughout the year.
- Beware of scams related to the breach. Con artists may pretend to have information about the breach or they may falsely claim to want to help you. Some calls or messages may be scams designed to steal your money or personal information. Don’t give out personal information to those who contact you unexpectedly (even if they say they want to help you) and be wary about clicking on links or downloading attachments in messages.
(Copyright 2016 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)