Yahoo reveals hackers took a further 1 billion accounts (phone, DoB, names, emails)

Originally published at: http://boingboing.net/2016/12/14/yahoo-reveals-hackers-took-a-f.html

…

Yahoo!

And Verizon is now looking to renegotiate the buyout… fire sale prices coming up.
Bob damn it I wish I didn’t have so much stuff tied to that email.

I’m too lazy/depleted to search here, but is there an easy-to-follow multi-step guide to transitioning out of an email account one’s held for close to two decades, with recommended options for email accounts less inviting to hacks? 98% of my Yahoo! use was to subscribe to weekly digests and updates, with no personal correspondence, but using it for anything now is making me feel behind the times, especially when I check it only after a hack’s been announced.

Glad I never got a Yahoo account. It’s right there in the name people. Never trust a bunch of yahoo’s to do the right thing.

No.

Just make a new account on gmail or something.

I just googled “How to port Yahoo to Gmail” and found this (with pictures!)
I’ve not vetted it since I don’t yahoo. Let us know how it goes. I’m sure other Yahoo’s would like to know.

I am not sure which will get more usage in the upcoming years, that gif or the head table one.

It isn’t so much porting the mail over as oh god where I have signed up with for what site with that email over the years.

Well, you don’t have to delete the yahoo account, just stop using it for anything but a spam sink. Unless you gave them correct personal information when you signed up of course, but who does that?

Yeah. Right now it is majorly tied to my job search so just gotta wait a bit. It originally was for sign ups to fora, and good old fashioned mail lists of yore and has just gained a lot of cruft over the 20 years I have had it. Should have gone for hotmail at the time I guess.

Hotmail isn’t very good at filtering out spam, unlike gmail. It blocks senders’ complete email addresses. not domains like @pharma.can and not senders’ names. The developers of hotmail see no need for its users to have as much control over spamblocking as gmail users do.

What industry are you in?

Got an open spot for an experienced but somewhat specialized windows server guy?

No, I’m in Public Health. But I do have contacts at various power companies, ie. SDGE/SEMPRA. I’d have to check the platforms they use, Oracle & Main Frame rings a bell…

What I got was an account around 1990 that got sold to someone that got sold to someone that got sold to someone (at which point I had to change my address entirely, but it was technically the same account) that then got sold to someone that got sold to someone…and here I am with an account that doesn’t say “yahoo” but that’s the server it works through.

That’s a big security breach.

Once more unto the breach!

Does anybody ever give their real DOB? Or, for that matter, their real name, outside of accounts used for business?

They are using MD5 for hashing? Seriously? And they have a cookie algorithm that can be reverse engineered and forged? They deserved to be hacked. Nobody should be running a mom-and-pop website like that, much less a giant site like Yahoo.