Uh Oh, Yahoo Breach Hits 1 Billion User Accounts

Could this be the catalyst for change to end hacks?

Compromised enterprises face huge barriers to rebuilding customer trust and brand reputation. And for Yahoo, this may be an insurmountable task.


In September, Yahoo disclosed that the company lost access control for over 500 million accounts. Turns out the largest breach in history of 500M Yahoo accounts in 2014 is only half as much as the latest and largest hack ever discovered – 1B Yahoo accounts lost in 2013. Will this event finally be the catalyst for not only Yahoo but every other company that maintains customer accounts to force needed change in our reliance on passwords alone to secure accounts?

Whether you stay with Yahoo! or switch to another provider, my advice is the same. Fasten your “cyber safety belt” by turning on multi-factor authentication (MFA). After all, over the last few decades, most Americans have come to accept seat belts as an essential safety measure. The “Click-it or Ticket” education campaigns have been highly effective. Maybe this large scale event will serve to raise awareness about the inadequacy of the common password and to introduce the “cyber safety belt” — two-factor authentication.

Yahoo is simply not safe to use unless you turn on Yahoo Account Key or another multi-factor authentication solution. In fact, Yahoo might be better served if they ONLY accepted Account Key or another MFA and stopped allowing passwords by themselves.

Now is the time for visionary companies to stop accepting passwords alone and provide the kind of protection that both the organizations and users need in today’s increasingly complex and vulnerable security environment to mitigate password risk and require additional factors of authentication.

Yahoo can take this opportunity to position themselves as leaders in security. Like Apple getting rid of Ethernet and other out-of-date ports on their hardware. Yahoo should accept the responsibility, communicate the fix and then go on to be a leader in catalyzing positive change across the industry with MFA.

The time is now for MFA and Yahoo needs to lead the charge across the industry.

To learn more about today’s MFA, check out our eBook: “Level Up Your Security.