WASHINGTON, D.C. – Following today’s news that the Yahoo breach of August 2013 affected every single customer account – three times more than Yahoo originally reported – the National Cyber Security Alliance emphasizes the importance of staying safe and secure online.
“Major data breaches – which, like the Yahoo event, can affect billions of people – remind us that we must be vigilant in protecting our personal online information,” said Michael Kaiser, executive director of the National Cyber Security Alliance. “An easy first step for everyone to better secure all email, social media and financial accounts, is to ‘lock down your login’ with security tools such as multi-factor and strong authentication, which provide an additional layer of protection. Most email, major financial and social media companies now provide stronger authentication that can be easily implemented on their websites. Email accounts in particular are extremely important to protect as once breached, hackers can use them to reset passwords and break into other accounts, steal identities, target contacts and put an individual’s data and reputation at risk.”
NCSA urges all Yahoo users to immediately increase the security of their accounts.
This new revelation for Yahoo comes while National Cyber Security Awareness Month is in full swing. Even if you are not a Yahoo user it is a good time to for everyone to take the following proactive steps to protect their online information, remembering that securing the internet is our shared responsibility.
All internet users should follow this basic advice to stay safer and more secure online, including the following:
- Lock Down Your Login. Use strong authentication — more than a username and password to access accounts — to protect your most valuable accounts including email, social media and financial.
- Make better passwords. If passwords are the only option, change and make them better. Length and ability to remember passwords are the two most important factors. A phrase of multiple words you can remember makes a good password. Important accounts should have unique passwords not used to access any other accounts.
- Clean and keep all machines clean. Immediately update all software on every internet-connected device. All critical software – including PCs and mobile operating systems, security software and other frequently used software and apps – should be running the most current versions. Delete all unused apps.
- Monitor activity on your financial and credit cards accounts. If appropriate, implement a fraud alert or credit freeze with one of the three credit bureaus (this is free and may be included if credit monitoring is provided post breach). For more information, visit the Federal Trade Commission website: identitytheft.gov.
- When in doubt, throw it out. Scammers and others have been known to use data breaches and other incidents to send out emails and posts related to the incident to lure people into providing their information. Delete any suspicious emails or posts and get information only from legitimate sources.
For more information, including links to sites that offer multi-factor or stronger authentication, visit https://www.lockdownyourlogin.org/
More information on National Cyber Security Awareness Month can be found in this media backgrounder.