Security advisory regarding Yahoo hack
Yahoo recently confirmed a massive breach of over 500 million email accounts, including both credentials and security questions.
At Mailfence – a secure and private email service, the security team was closely monitoring developments since the initial suspicions – and was analyzing the impact it might have on our users. As a result, we have decided to issue this generic security advisory regarding Yahoo hack.
- If your account recovery address is a Yahoo emailaddress, this means that the compromise of your Yahoo address could lead to a compromise of your Mailfence account. We therefore recommend you to change your yahoo mail account password and disable security questions.
- If your Yahoo address that has been compromised, has a recovery account of Mailfence – then it can be changed (without you even noticing it) and you’ll no longer be able to use your mailfence account to recover your yahoo account. Therefore, go through your recovery mail account list on your yahoo account and make sure they haven’t been changed.
- If you are using the same password as your Yahoo account with Mailfence OR any other service, we recommend you to change all those passwords and use different and strong passwords for each of the services you use.
- Apply Two-factor authentication on your Mailfence and other accounts for optimal security and do keep a check of your account from haveibeenpawned/breachalarm.
Our security team will continue to monitor developments and update all users as necessary.
Got some questions? feel free to contact our support (support at mailfence dot com).
– Mailfence Team
Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem