Yahoo, Hackers, Passwords and My Online Security


I got my first email in 2001 and it was a yahoo account. It was opened for me by a friend who had moved abroad and wanted to encourage me to use the internet to keep in touch, rather than the more expensive post or telephone. I chose a very simple password, something I felt I would never forget. By 2005/06, that friend was no longer in the picture but I was vastly more experienced in using the internet. Yahoo had started 360 and I set up an account - my first experience of social media.

Fast forward six years and I work from home and most of the work is online. I play online, as well as do my shopping, blog and use other social media. My yahoo account is still my primary email, and the address is the only one that has my real name. The password I chose more than 10 years ago is still my favorite and I frequently use it for a lot of other websites when I need to register for one reason or another.

That was my main mistake. I started yesterday with the following email from Book Depository, an online book retail site.

Dear ...,

At The Book Depository we take your security and privacy very seriously. As part of our routine security and privacy checks, we have become aware of a security breach at an unrelated third party which has resulted in a set of email addresses and passwords being posted online (see BBC news report http://www.bbc.co.uk/news/technology-18811300). We believe that your email address was on the disclosed list.

Some hours later there were a flurry of emails from other web service providers including Amazon, Hulu and Twitter. They believed my email was compromised, and had disabled or reset my password. They were also basically saying that I should come over and change to a better and stronger password.

Funny, I only heard from Yahoo this morning, when they should have been the first to contact me. Anyway, now I have more clarity on where it was that water entered the gourd, as they say in my language. I write for Yahoo as an Associated Network contributor, something I registered about three years ago.

The yahoo email goes on to apologize and advice all account holders on various ways to secure their accounts including those suggested by other service providers.

And for consumers like me who use the same login information on services across the Internet, they suggested the following;

• Change their passwords for any account they hold every few months,
• Use a different password for each service or website, and
• Create passwords using a mixture of characters, symbols, and numbers.

Since Atala, who works in IT and is also active on the internet, discovered my passwords issue, he had been on my case to change and diversify my email accounts and passwords for better online security. In some places, I listened to hime, in others, I was just too lazy. Now, after trotting all over the internet changing passwords and thinking up new ones, I know better.

I will more proactively be monitoring all the activities on my email accounts and using the service provided by some sites like Facebook, gmail and even yahoo, to check the location from which someone logged into my account.

And I require a favor from you guys too. If I've contacted you before, please be on the lookout for spam originating from my email and do let me know. Thanks.

Who else was affected by the hacking of yahoo and their associated services?

Elsewhere on the Web