yahoo-breachAs you may have heard, Yahoo, the world’s second largest webmail provider, recently reported that they had an information security breach. As many as 1 billion accounts could have been compromised. The data affected by the breach may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, security questions and answers. The breach does not appear to have included credit card and payment information.

If you or your loved ones have a Yahoo account then the breach probably included at least some of your information. However, though the breach was confirmed only this week, it actually occurred in 2013. It simply took quite some time for the breach to come to the attention of Yahoo’s security team. If you haven’t yet been affected by the data loss you may consider yourself lucky.

Regardless, if you have a Yahoo account you should take steps to protect yourself from the scum of the internet. Below are recommended steps to do so.

Change Your Passwords Immediately

Don’t just change your password for Yahoo, but also any account that is associated with your Yahoo account. For example, if you use your email account as a username on, your ESPN password should change as well. If your bank communicates with your Yahoo account, your bank password should also be changed. Don’t forget about other email accounts that use Yahoo as a recovery option.

Use Two-Factor Authentication

Whenever a change occurs to my Gmail account, I receive a text message on my phone requesting confirmation. This is called two-factor authentication and is by far the most effective method of maintaining control of your online accounts. If your email provider supports it, input your cell phone number and enable two-factor authentication. This way, unless your phone in stolen, you email can’t be taken over without your knowing it.

Don’t Reuse Passwords

A few years ago I lost access to all of my online accounts. My Facebook was breached, which had the same password as my Gmail and Hotmail, which was then used to reset my Amazon and iTunes accounts, and so on down the line. I had a very strong password, but Y0u$h@llN0tP@ss! was apparently easy to guess.

Since then, I have a different password for every website I visit. The easiest way to create and remember all your passwords is by using a password manager. Here is a list of several password managers that are very popular. Our personal favorite is RoboForm, but most will work for almost anyone.

Recover Your Account

If any of your accounts have been hacked and you have lost access, the first thing to do is attempt recovery. Start with the “Forgot Password” link and answer your security questions. If that doesn’t work, contact customer service for the website. Finally, you may need to call their support line as listed on the website.

You should also check all your other accounts to make certain that the breach didn’t spread. Finally, you should review your bank and credit card statements, as well as check your credit report for any anomalies. You can check your credit report for free once a year by going to

If you have any questions we are, as always, ready to take your call. We hope your holidays are outstanding and wish you a Happy New Year!