ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

500m Yahoo accounts stolen – how to protect yourself

Yahoo has confirmed a data breach where 500 million user accounts have been compromised by a “state-sponsored actor".


The hack which took place in 2014 has only now been made public. This makes it the largest publicly disclosed cyber-breach in history. 

According to Yahoo, the data taken includes names, email addresses, telephone numbers, dates of birth, encrypted passwords and in some cases, security questions and answers. 

The company said the information was stolen by a “state-sponsored actor” and are investigating the breach with law enforcement. 

“The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information” Yahoo said in a statement. 

Yahoo have confirmed that they are contacting affected users by email and taking some steps to protect them, but there are also things you can do to try to keep your information secure.

Here’s what you can do to make yourself safer:

  • Change your password and security questions for your online accounts. Use three words which mean something to you but are random to others - this creates a password that is strong and more memorable. You should change passwords often and never use the same one twice.
  • Monitor your account for any suspicious or unexpected activity.
  • Be very wary of any emails purporting to come from Yahoo, particularly if they prompt you to click any links, download any attachments or give out any personal information. 
  • Be wary of anyone calling asking for personal information, bank details or passwords. If in doubt, just hang up.
  • Contact your bank/credit card company, so that they can monitor for suspicious activity on your account.
  • Watch out for signs of identity crime. Visit ExperianEquifax or Noddle to check your credit rating to make sure no one has applied for credit in your name.
  • For online safety advice visit Get Safe Onlne and Cyberstreewise.
  • If you have fallen victim to fraud, report it to Action Fraud and get a police crime reference number. 
  • Yahoo is also asking users to consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.

You can also find a full list of FAQ’s from Yahoo containing details about this issue. If you need further information or assistance with your account, please visit the Yahoo help page where you will find the latest information and may be able to access direct customer support.

Sign up for free to Action Fraud Alert to receive direct, verified, accurate information about scams and fraud in your area by email, recorded voice and text message.

Most shared articles

Related articles