Alert - Yahoo User Account Compromise

Number: AL16-024
Date: 15 December 2016

Purpose

The purpose of this alert is to bring attention to a recently acknowledged compromise of Yahoo user accounts.

Assessment

CCIRC would like to raise awareness of the potential risks caused by the compromise of a large number of Yahoo accounts. Yahoo recently acknowledged that up to one billion user accounts may have been compromised from as far back as August 2013. While Yahoo has stated that they are in the process of notifying owners of affected accounts, it is possible that these accounts will be used by malicious actors in phishing and other campaigns. CCIRC partners have recently reported an uptick in phishing email using Yahoo mail accounts. Yahoo account holders should also be aware that personal and password information may have been obtained by malicious actors and that they should take appropriate measures.

Suggested Action

Due to the potential risk presented by this account compromise, CCIRC recommends that Yahoo account holders follow the risk mitigation measures recommended by Yahoo and that stakeholders raise awareness of potentially malicious activity resulting from the use of compromised Yahoo user accounts.

CCIRC observes that passwords associated with Yahoo accounts, which users may have reused for other non-Yahoo services (banking, social media, etc.), should also be changed to protect the integrity of other accounts.

References

Get CyberSafe Guide for Small and Medium Businesses:
https://www.getcybersafe.gc.ca/cnt/rsrcs/pblctns/smll-bsnss-gd/index-en.aspx%20-%20s6-2

Using Passwords:
https://www.getcybersafe.gc.ca/cnt/prtct-yrslf/prtctn-dntty/usng-psswrds-en.aspx

Spotting Malicious E-mail Messages:
https://www.cse-cst.gc.ca/en/node/237/html/2998

Recognize and Secure a Hacked Yahoo Mail Account:
https://help.yahoo.com/kb/account/recognize-secure-hacked-yahoo-mail-account-sln3417.html?impressions=truea
