I just got eMail (newsletter) from a reliable source saying there had been a breach of security at Yahoo and it recommended changing the password on all your Yahoo services. This failure actually occured two years ago but Yahoo is only now confirming it. Inexcusable!
How to Change Your Yahoo Password
Go to Yahoo and sign in to your eMail account. When I first sign in I’m not taken to eMail right away and I would like to point out that I usually use the SeaMonkey eMail program to check my eMail.
Click on the Mail icon in the top right-hand corner to go to your Inbox.
When you go to your inbox, you will see a Gear icon in the top right-hand corner. Put your mouse over it and a menu drops down. Click on Account Info.
On the next screen, click on Account Security, then Change password.
In the Set a new password window, type in a new password. Confirm it by typing it again. You can check the Show password box to see what you are typing. Click on Continue.
Remember to make sure the password is not easy to guess, and don’t use the same password for every account.
—–
Its not true its taken 2 years to inform people.
My ISP uses them and informed us straight away.
Also here are some news articles from 2014
http://www.forbes.com/sites/jameslyne/2014/01/31/yahoo-hacked-and-how-to-protect-your-passwords/#749f14055b49
https://www.washingtonpost.com/business/technology/yahoo-mail-hacked-what-to-do-if-youve-been-affected/2014/01/31/2857ef8a-8a7d-11e3-833c-33098f9e5267_story.html
http://www.idigitaltimes.com/yahoo-mail-hacked-what-do-if-your-email-account-was-compromised-video-334496
According to Yahoo, the incident you have referred to did not involve a direct hack of Yahoo’s systems, this from Yahoo’s statement at the time:
The information which has just come to light proves that there was indeed a direct breach of Yahoo’s own network involving stolen information associated with at least 500 million user accounts – including: users’ names, email addresses, telephone numbers, dates of birth and encrypted passwords. Yahoo not only failed to publicly report the direct nature of this breach but also its massive extent.
https://yahoo.tumblr.com/post/150781911849/an-important-message-about-yahoo-user-security
http://theconversation.com/why-did-yahoo-take-so-long-to-disclose-its-massive-security-breach-66014
I did change my password back then. And just recently decided to do it again. Better be safe than sorry. Yahoo is also recommending to Disable Security Questions. Although not shown it would be on the same screen as the Change Password option.
I just changed my password yesterday. Previous change was two years ago so was overdue anyway. Haven’t disabled the Security Question but I know this is the same thinking on Gmail accounts. New accounts don’t give the option, and old accounts don’t allow changes to update an existing Security Question.