IT Security Measures People can Learn from Yahoo’s recent Security Hack
One of the biggest security breaches in internet history happened very recently. In December 2016, American multinational technology company Yahoo! revealed that a cyber-attack had compromised at least a billion of its accounts. The attack exposed sensitive user information, such as usernames and encrypted passwords. Since the attack, the company has been urging all affected users to upgrade their password and upgrade their security measures.
What happened to Yahoo! should be a wakeup call for both users and online businesses. Thus, to minimise the likelihood of another data breach, here are some IT security lessons that people should take note from the recent cyber-attack.
Avoid Using Researchable Answers on Security Questions
Security questions are not effective when the hacker is able to figure out the answer easily. For instance, it is a security risk to assign the security question ‘What was your high school mascot?’ when the answer can be found on a Facebook or Twitter profile. Thus, it is ideal to pick security questions with answers not found on any profile or social media posts.
Alternatively, users can ‘lie’ on some security questions to fool hackers by providing a different response other than the right answer. Unique responses like ‘Why should I tell you?’ or ‘take a guess’ are great security answers.
Learn to Recognise Fake Password Email Reset Messages
IT support companies like ALLTEKS Ltd believes that some hackers use social engineering to gain access to an email account. This technique attempts to persuade the owner to click the link to email, which leads to a site that contains malware. Thus, users should ignore fake password reset emails especially if they did not request one personally.
Add Extra Security Measures
Ever since the breach, Yahoo! moved away from using security questions and implemented more secure password recovery methods. In the same way, users and businesses can safeguard their sensitive data by adding extra layers of security on their accounts. Password management programs and password fraud alerts through the two-factor authentication process are great alternatives.
These security measures can provide protection for users and businesses from data breaches. The Yahoo! breach should always serve as a reminder to remain vigilant with their personal data and do all necessary steps to protect their own privacy.