If you’re one of over a billion users worldwide who have a Yahoo email account, you may be affected after the company admitted Thursday that users’ info from 500 million accounts was hacked in late 2014.
According to a blog post from Yahoo’s chief information security officer, Bob Lord, the hacked information included passwords, email addresses, phone numbers and security questions.
If you were affected you should have received an email from the company with a list of recommendations.
First and foremost, as many cyber security experts often recommend, users who haven’t changed their passwords since 2014 are asked to change them.
But in this case users should also change their security questions and answers, whether or not they have had them encrypted.
If you use the same password on multiple sites, you’re encouraged to change them as well.
Another recommendation is to use two-step verification, or Yahoo’s own account key, which sends a prompt to your mobile phone before allowing someone to log in.
As for your credit card data? The investigation “suggests” the hack didn’t include any payment information, according to Lord.
But he recommends you check your accounts for any “suspicious activity,” though there is no example of what suspicious activity entails.
Tumblr, Flickr affected?
Yahoo also owns the blog site Tumblr and the photo sharing site Flickr. But Tumblr accounts should be safe because the company uses a different database.
“The systems from which the data was stolen contained no Tumblr user data at the time of the theft,” a statement on the website reads.
However, there was no official word on Flickr. USA Today reports that some accounts are affected, since many Flickr and Yahoo accounts are linked. Yahoo has not replied to requests for comment.