Yahoo may be dealing with the biggest data breach ever, after hackers steal cyberinformation from 500-million users.
Some Hawaii residents may have been affected, and that could lead to fines for the tech company from the state.
The tech experts at Supergeeks see compromised computers all the time, when home PCs are hacked.
“There’s a ton of different hacks that can occur, from brute force to password stealing to malware or viruses pulling information. So there are lots of different ways it can happen,” said Supergeeks CEO Tim Caminos.
Or in the case of Yahoo, hackers can also target the company’s server itself. Cyberthieves didn’t target bank account and credit card information but instead the personal information of 500-million users.
After getting names, email address, and contact info, hackers can then email thousands of people in an effort to scam money from them.
“One scam we see quite often, if they obtain your email, the hackers will send to your contacts a letter of sympathy. It will say, ‘I’m stuck on the mainland or another country, and I need $500. Will you help?’,” said Caminos.
While it can been difficult to tell if a computer has been hacked, users can check their sent box to see if any unusual emails have gone out.
Making sure anti-virus and anti-malware programs work can also stop some cyberattacks.
Yahoo is asking potentially affected users to immediately change their passwords.
Those passwords should be strong ones, as the harder it is — the harder it is for hackers to figure it out.
Safeguards can be added by requiring 2-way authorization to sign in.
“If you are logging in from a non-trusted machine or even trusted one, you can get a text to your phone saying, ‘You need to provide this number in order to log into the email’,” said Caminos.
The largest cybersecurity breach may cause headaches for users to secure their information while more than just a black eye for Yahoo, but also potentially big fines.
Because according to Hawaii Revised Statute,
“Any business that conducts business in Hawaii that maintains or possesses records or data containing personal information of residents of Hawaii…shall notify the owner of licensee of the information of any security breach immediately following discovery of the breach.”
Yahoo’s breach happened back in 2014.
While reports of the breach surfaced this summer, the company didn’t announce the cybersecurity attack until now.
If it is found in violation of state statute, Yahoo could be fined $25-hundred for every violation.