Yahoo’s biggest nightmare was confirmed yesterday – back in late 2014, a copy of certain user account information has been stolen from Yahoo’s network. The story started developing in early August when a hacker named “Peace” was openly trying to sell personal information of more than 500 million Yahoo account users on the dark web.

According to Yahoo, the account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

Even though the breach happened two years ago it is not too late to take action, especially if you haven’t changed your password in a while.

Top 5 things you should do immediately

Change your password now!

It is as simple as that. Change not only your Yahoo password on your Yahoo account, but also review all your online accounts on which you’ve used the same or similar information. The sooner you do it, the better!

Turn on the two-step authentication that Yahoo offers.

Two-step verification uses both your password and an extra security code to verify your identity whenever you sign in to your account. If someone else tries to access your account, even if they can guess your password, they still won’t be able to get in without using two-step verification.

Pick better passwords.

We cannot stress more on the fact that using the same passwords for many accounts is not recommended. As you remember Yahoo are not the only one who’ve had similar issues. Back in 2014 eBay asked 145 million of their users to change passwords after a data breach. Changing your passwords often must be a habit!

Update your security questions immediately.

Yahoo says about 1 billion people globally engage with one of its properties each month. The chances your password is in the wrong hands are not minimal and the risk is real. Take action and don’t wait anymore, time is key here.

Go through old emails and remove sensitive content.

If your Yahoo account information is indeed for sale on the dark web, someone can hack into your email at any minute. There is tons of document scans, tax returns, credit card details and invoices that may be laying around your inbox. All these documents contain information you want to keep for yourself.

Remain vigilant! After Yahoo admitted the data breach you may be approached by fraudsters pretending to be someone they are not. It is important for you to not engage with online fee-based, toll-free-number services. Even though the incident happened nearly 2 years ago and you may be off the hook, we advise you to remain cautious and spend some time making sure you are fully protected.