What to do: Every single Yahoo email hacked

What to do: Every single Yahoo email hacked

Monday, 9 October, 2017

If you had a Yahoo email account in 2013, it was definitely hacked and your personal details exposed, the company has admitted.

It came as something of a shock in December 2016 when Yahoo announced that a hack had left over 1 billion email accounts laid bare.

But this month Yahoo updated that figure to a staggering 3 billion – that is, every account that existed at the time.

It means every single Yahoo email in existence has been accessed, with passwords and security details exposed.

What to do: Every single Yahoo email has been hacked 2

In terms of massive data breaches, it really doesn’t get much worse than this.

What’s been stolen

If they were available on your email account then names, email addresses, home or mobile phone numbers, dates of birth, encrypted passwords and unencrypted security questions have all been taken.

It spells no end of trouble if you’ve had your account accessed by ne’er-do-wells.

Hackers could:

  • Set-up auto-forwarding to get copies of emails you send or receive
  • Edit your outgoing signature to include spammy links
  • Change passwords or security questions to lock you out of your own account
  • Alter your reply-to address so people in your Contacts list don’t know they’re not communicating directly with you

Yahoo issued this advice in the wake of the news.

Signs your Yahoo email account has been hacked

  • You’re not receiving any emails
  • Your Yahoo Mail is sending spam to your contacts
  • Your account info or settings were changed without your knowledge

What to do if you have a Yahoo email account

  • Change your Yahoo password immediately. Try a password with at least 8-10 letters, using a mix of capitals and lower case, and special characters like punctuation marks (!?@;_). Yahoo says it has already reset passwords for the majority of customers, but given the situation, it’s better to be safe.
  • Change your password on any other websites or social media accounts that used the same password as your Yahoo account. If hackers have your old password, they’ve still potentially got access to these other sites and all your personal information.
  • Don’t delete your account. While this may seem like the obvious option, deleting your account allows Yahoo to recycle your email address and spammers can take advantage by using ‘Forgot Password’ to impersonate you. It’s better to leave your account inactive than to delete it.
Tom Rodgers author picture


Tom is a tech journalist and former Editor at BroadbandDeals.co.uk.