A data breach at Yahoo in 2013 affected every single customer account that existed at the time. Verizon, the new parent company of Yahoo, recently gave further details on the 2013 data breach, greatly increasing the number of accounts that were believed to be affected.
Three Billion accounts
In total, the breach involves 3 billion accounts, including email accounts, Tumblr, Fantasy accounts and Flickr. According to CNN that is 3 times as many accounts as Yahoo originally reported in 2016. Names, email addresses and passwords, but not financial information, were breached, Yahoo said last year.
The number of breached accounts was adjusted to three billion by Verizon after receiving new information. Verizon explained this in a statement.
"The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft."
It's unclear who exactly was behind the 2013 break-in, but analysts have reported that the stolen data was up for sale on the dark web.
Small businesses are at risk
Cyber hacks and data breaches have been in the news a lot this year. Yahoo is the latest well-known company to hit the headlines but the threat extends to small businesses as well.
Peter Bauer, co-founder of Mimecast, an international security company that handles 145 billion emails worldwide says "it’s a mistake to think that SMEs don’t present a worthwhile target."
“What does worthwhile mean?” asks Mr Bauer. “It’s relative to the cost of putting on an attack, and to the downside of getting caught.”
Those are both low when it comes to an attack on a small or mid-sized business. Hackers are encouraged to target businesses that don't have the resources to fully protect themselves from an attack.
Protecting your business email
Each time an attempt to hack your company is made using email, there are one of two aims: to steal money, or gain information. Bear this in mind because it can be key to spotting hack attempts.
Here are 5 steps you can take to help protect your business email.
An often-ignored simple tip involves passwords. Always use unique and complex passwords. Start using numbers, symbols and combinations of lower and upper-case characters in your passwords. Use a minimum of 8 characters and, although tempting, avoid using words that you have a connection to.
If you're sending sensitive information via email then start encrypting your emails. The most effective encryption starts with a similarly complex password for decryption. GPG/PGP and S/MIME are two of the more common encryption options available. They make email safer and can help fulfil compliance requirements.