Yahoo has announced that information associated with at least 500 million user accounts has been stolen by what the company believes is a state-sponsored actor. If you have a Yahoo account, you should change your password immediately and enable two-step verification. In addition, if you use Yahoo as your primary email provider, you should change the passwords for any online account tied to your Yahoo email address, since the thieves could have used password resets to gain access to those accounts as well. More so than any other recent example, this breach shows the importance of using a password manager like 1Password or LastPass to create and enter a separate strong random password for every site.
Read the full article at TidBITS, the oldest continuously published technology publication on the Internet. To get a full-text RSS feed, help support our work and become a TidBITS member! Members also enjoy an ad-free version of our Web site, email delivery of individual articles, the ability to make long comments with live links, and discounts on Take Control orders and other Apple-related products.