The Yahoo Breach: What to Do If You Have a Yahoo Account

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Security analysts report that the Yahoo Data Breach, initially thought to be a state-sponsored hack, was actually perpetrated by Eastern European Organized Crime. Over 500 million records were compromised.

Not to be outdone in 2016, the Identity Theft Resource Center reports that there have been over 700 data breaches this year so far. That’s an average of almost two per day. Given these staggering statistics, how are consumers to protect themselves?

If you have an account with Yahoo or believe your personal data has been compromised any other data breach, consider the following actions:

  • Change your password immediately.
  • Create passwords that are at least 8-10 characters in length. Be sure to include upper and lowercase letters, numbers, and special characters like!|*@.
  • Don’t use the same password for multiple accounts. If a hacker compromises one of your accounts he will have access to all of those with the same password.
  • Avoid using birth dates or the names of your children, spouse, or a favorite pet. This information can be easily obtained from social media or other online resources.
  • File a report with local police as well as the police department where the identity theft occurred. Keep all records of your case, police reports and supporting documents as these may be needed by credit card companies or banks to prove innocence.
  • File a complaint with the Federal Trade Commission:1-877-ID-THEFT (438-4338)
  • Make a report to the Internet Crime Complaint Center (IC3):
  • Place a "fraud alert" or "freeze" on your credit reports. Contact the fraud departments of each of the three major credit reporting agencies. Let them know you've been a victim of identity theft and ask what protection is provided and if there are any costs to determine whether a fraud alert or freeze is best for your situation.
  • Notify all credit grantors and financial institutions. Check the status on existing accounts, as they may have been jeopardized. Find out if there is any unauthorized activity or new accounts have been fraudulently opened in your name. You may be advised to close some or all of your accounts. Create new passwords and change your PINs.
  • Monitor your credit: Check your credit report. Under the Fair & Accurate Credit Transaction Act, consumers are entitled to one free annual credit report from each of the credit bureaus. The only authorized source is (1-877-322-8228).

For more information on Data Breach Statistics, read the 2016 Data Breach Category Summary.

For a detailed industry analysis of the Yahoo Data Breach, go to InfoArmor: Yahoo Data Breach Investigation.

Check out this new video on Yahoo breach by the FTC - Yahoo Breach? Watch This. Source: United States Federal Trade Commission, - not subject to copyright protection. 17 U.S.C. 403.

To report a scam, go to the BBB Scam Tracker. To find trustworthy businesses, go to


Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.