If you're a Yahoo user and haven't changed your password in the last two years,
DO IT NOW!
BBC is reporting a MAJOR hack:
Attack on Yahoo hit 500 million users - BBC News
" Yahoo says hackers stole information from about 500 million users in 2014 in what appears to be the largest publicly disclosed cyber-breach in history.
The breach included swathes of personal information including names and emails as well as “unencrypted security questions and answers”.
It did not include any credit card data, the site said, adding it believed the attack was state-sponsored.
The FBI has confirmed it is investigating the attack.
Questions for Yahoo: Analysis by Dave Lee, BBC North America technology reporter, San Francisco
The nature of the information stolen feels somewhat run of the mill - no payment info, and passwords were encrypted. Good. But the chain of events leading up to this unprecedented announcement gives rise to some incredibly pressing questions for Yahoo.
Why did it take so long for them to confirm the hack and its scale? Why did it take them so long to tell users and prompt them to protect themselves?
State-sponsored attacks are typically for political, not financial gain. So why were details reportedly being sold online? What evidence is there that it was state-sponsored?
Verizon, which has agreed to buy Yahoo, said it had not been told until a couple of days ago - why not? And why is Marissa Mayer, a chief executive who has presided over bad deals and now the biggest breach in internet history, still in charge? "
Why on earth aren't big Companies learning to disclose early is the best possible strategy?
Two years after an attack is not good enough!
Microsoft & Yahoo are simply not doing good enough to earn the trust of those of us sceptical about IT/Internet security.
Yahoo give the impression that the data stolen isn't critical as no credit card details.
Maybe so, but on how many occasions/sites are you asked for the following data?
"The data taken includes names, email addresses, telephone numbers, dates of birth and encrypted passwords."
Pretty much everyone that is security conscious. Many use the same password for other sites.
Used Paypal, Amazon, EBay lately?