You probably remember the incidents of Yahoo data breach that span in the course of several years. To refresh your memory about one of the largest cybersecurity breaches EVER you did NOT know about [Yahoo]: at least 500 million user accounts have been stolen and sold at least three times, including once to some state-sponsored actor. The following credentials of Yahoo users have been confirmed to be compromised:
- Yahoo Login
- Recovery Email
- Date of Birth
- Hash of Password
- Country Code
- ZIP code
The outside forensic experts Yahoo had hired to investigate the breach concluded that forged cookies may have allowed an intruder to access users’ accounts without a password in 2015 or 2016 to access compromised identified account. Yahoo had issued a security notice about the breach, and invalidated the forged cookies so they cannot be used again
You may remember the lucky #7 on our list of 11 Tips on taking precautions to secure your endpoint technology and keep your network protected from external threats:
Turn off both autofill function and cookies
An autofill is a user-permitted option for web browsers to pre-populate commonly-entered information such as name, email address or a card number in a web form. According to Google, users complete forms up to 30% faster when using autofill, and I am sure you’ve used it or have come across it, probably even more often than you realize. In information technology, a cookie is a small piece of data stored on a personal computer used by web browsers to identify, remember and recognize details about users and visitors, such as website preferences, or to record user’s activity while browsing, such as clicking links, buttons, using forms, logging in, etc.
Features like autofill and cookies are a convenience to the users, but by nature they can also be a major threat to the safety and security of your personal and sensitive information.
If you suspect your data has been compromised, implement these steps right away
…and practice them in the future for better security:
- Keep strong (complicated) passwords
- Change your passwords and security questions and answers for any other accounts on which you used the same or similar information used for your Yahoo account;
- Review all of your accounts for suspicious activity;
- Don’t trust emails and other forms of communication that ask for your personal information
- Don’t trust links that or refer you to a web page asking for personal information;
- Avoid clicking on links or downloading and opening attachments from suspicious or unknown emails adresses
- Consider using a secure try third-party app that can manage saved logins with a greater level of security. While using those apps is still not as secure as disabling an auto-fill feature altogether, it is better than leaving your auto-fill unprotected and potentially compromised.
When running a business your network security should go beyond disabling cookies.
Cybersecurity is important to everyone. Every SMB, not just a computer service company must protect their client data. When your network is secure, and your business data are properly protected, the total costs of your IT issues and resulting downtime will be reduced, giving you not just a better computer network environment and smoother business operations, but also adding to your bottom line.
Benefits of Computer Network Security Services for SMBs
Our engineers are professional experts in computer network security for business. We can help you define your specific business computer network security needs, identify vulnerabilities, and provide your organization with efficient security solution. We do not cut corners. We do not underestimate the measures needed to keep the malicious users – both external and internal – out of your business computer network. We help you keep your data secure, and your business network well-maintained.
If you need to speak with us right away, call 201-494-1414 to start a conversation about your business IT needs.