What does the Yahoo breach mean for New Zealanders

would-you-return-these-keys

That’s right, It’s only happening more and more often. There’s been another massive data breach. This time Yahoo has been hit, with around 500 million accounts compromised. It’s not clear how long the information has been out and about, however it sounds like the initial breach happened in 2014! Unlike a traditional set of keys, this information can’t be returned once it’s been let loose on the internet.
That means that if you’re still using a password that you’ve ever used on a Yahoo service you need to change your password ASAP.

What about my @xtra.co.nz email account?

Well, Spark haven’t announced anything offical yet, they did run their email account services through Yahoo servers for several years. They also announced earlier this month that they would no longer be using Yahoo. You’d be wise to change your password straight away.

And while you’re at it, make sure you opt in to keep all your emails, contacts and calendar information in the upcoming switch from Yahoo to SMX by opting in at https://www.spark.co.nz/email. You need to give permission before 30 November.

Here’s what you should do about the Yahoo breach:

Open your password manager and change your password for any site that has been associated with Yahoo.

Don’t have a password manager? You should sign up for one today (try Dashlane, LastPass, 1Pasword, SmartLock, Keychain), or manually go to each site and change your password.

Which passwords should I update?

Here’s a list of sites that you might need to update your password for.

  1. Any site with the same password as any other site.
  2. Xtra or Spark email login.
  3. Yahoo account
  4. Flickr account
  5. Tumblr account

What’s the risk if you don’t

Did you write all your emails like they might be read out in court? I didn’t think so. Someone out there will be willing to monetise your bad luck of being part of this breach. It might take a while for them to get to your name in the list of millions of accounts, but for the sake of signing in and changing your password you’ll save yourself a lot of hassle.
I’ll leave you with one last thought… If you’re using an xtra.co.nz email account for business, what would happen if your competitors logged in and read all your emails? Perhaps they’d delete them all to cause you hassle, or maybe get strategic about using the information.

Please change your password!