
MowCowWhoHow III

(2,103 posts)
Thu Sep 22, 2016, 08:56 AM Sep 2016

Yahoo is expected to confirm massive data breach, impacting hundreds of millions of users

Source: Recode

Yahoo is poised to confirm a massive data breach of its service, according to several sources close to the situation, hacking that has exposed several hundred million user accounts.

While sources were unspecific about the extent of the incursion, since there is the likelihood of government investigations and legal action related to the breach, they noted that it is widespread and serious.

Earlier this summer, Yahoo said it was investigating a data breach in which hackers claimed to have access to 200 million user accounts and were selling them online. “It’s as bad as that,” said one source. “Worse, really.”

The announcement, which is expected to come this week, also has possible larger implications on the $4.8 billion sale of Yahoo’s core business — which is at the core of this hack — to Verizon. The scale of the liability could be large and bring untold headaches to the new owners. Shareholders are likely to worry that it could lead to an adjustment in the price of the transaction.

Read more: http://www.recode.net/2016/9/22/13012836/yahoo-is-expected-to-confirm-massive-data-breach-impacting-hundreds-of-millions-of-users


True Dough

(17,331 posts)
1. This should come as no surprise
Thu Sep 22, 2016, 09:00 AM
Sep 2016

I kick myself for still having an old Yahoo account. It has been hacked several times. Even after changing passwords, I have received emails and calls from friends saying that they've received possibly virus-laden spam from my account.

I've been reluctant to delete that Yahoo account because I always think there will be something of value sent there and not to my gmail account, but the article in the OP is the last nudge I need to shut down that Yahoo account completely.

True Dough

(17,331 posts)
3. I just deleted it
Thu Sep 22, 2016, 09:12 AM
Sep 2016

But the account is technically still in existence for three months. This is the message I received upon deletion:

You no longer have access to this account, which will be deleted from our user database in approximately 90 days. This delay is necessary to discourage users from engaging in fraudulent activity.

getagrip_already

(14,838 posts)
5. that's a federal law - part of patriot act I think.....
Thu Sep 22, 2016, 09:38 AM
Sep 2016

They have to retain data for 90 days in case the law wants to see what was in there. Been that way for a while.....

True Dough

(17,331 posts)
9. You mean the NSA guys might want to comb through my email correspondence?
Thu Sep 22, 2016, 11:33 AM
Sep 2016

They'll read about my sister and I kvetching about the weather? Go right ahead, NSA guys. Enjoy.

getagrip_already

(14,838 posts)
12. well, maybe they find that interesting?
Thu Sep 22, 2016, 01:19 PM
Sep 2016

But the intent is to be able to go back after they uncover a crime and see who else might be involved, or what else was going on.

For example, someone deletes all their social media accounts and emails and then goes out and shoots up a school. They want the ability to go back and reconstruct what led up to the shooting.

But.... What it really leads to is the belief that they own all of your data if you are ever accused of any kind of crime. You can be prosecuted for deleting data before any crime is investigated as though you willfully did it after it was clear the authorities would be interested in it.

They reach too far imho.

True Dough

(17,331 posts)
13. Hmm. Interesting info
Thu Sep 22, 2016, 01:26 PM
Sep 2016

but I have nothing to hide and have no intent to commit a crime, so I'm not concerned about anything showing up on their radar. If I did do something heinous, I would forfeit my right to privacy to a degree, just like I forfeit my right to freedom after being imprisoned.

getagrip_already

(14,838 posts)
17. but it's not just when you have done something....
Thu Sep 22, 2016, 01:38 PM
Sep 2016

They can and do get secret access to email accounts just on the suspicion that you did something. It's a 4th amendment issue.

The gov't can't come into your home and rifle through all of your correspondence and documents without a VERY good reason and a specific search warrant.

That doesn't exist for your soft data. They can get an open ended secret warrant, and put your ISP under a gag order, and keep you under surveillance pretty much forever, without you ever knowing.

You don't have to do anything wrong. They just have to acquire an interest in you.

And if Trump gets into office, they can get interested just because you criticize him.

ginnyinWI

(17,276 posts)
4. I'd recommend gmail.
Thu Sep 22, 2016, 09:24 AM
Sep 2016

I get very little spam, and it goes into the spam folder anyway. I like gmail because it is reliable, you can have your emails come in pre-sorted into Primary, Social, Promotions, and Updates. Primary is from actual people. Social is notifications from social media. Promotions is for things you sign up for like Panera Bread offers. Updates are for things like your Amazon order that has shipped.

It is also Android friendly and I have it on my Android phone seamlessly.

apnu

(8,758 posts)
11. GMail is nice and good.
Thu Sep 22, 2016, 12:42 PM
Sep 2016

But is under constant attack. Individual accounts are breached daily at GMail. I've not heard Google disclose a breach yet, but give them time, it will happen. Nobody and nothing is safe.

Please, if you don't already, use a password manager and have unique passwords for all of your various logins online. That will mitigate the damage when a breach occurs.

Most individual account hacks come from a breach (say Dropbox) and then hackers try those stolen passwords on other sites like GMail and get in that way. It's become commonplace these days.

davepdx

(224 posts)
19. Are those accounts you mention on GMail that are being breached using 2 factor authentication
Thu Sep 22, 2016, 02:01 PM
Sep 2016

or are they accounts using passwords only and are thus guessable? I've not seen any hard data on the frequency of account hacking for any email provider comparing the use of only passwords versus the use of passwords and 2 factor authentication. I think it is silly to not be using 2 factor authentication myself as that adds another security layer. I have it on all my email accounts including Yahoo so I will be curious to see what type of accounts have been exposed.

apnu

(8,758 posts)
23. I don't know of any two factor email hacks right now.
Thu Sep 22, 2016, 03:42 PM
Sep 2016

Doesn't mean it won't happen sometime in the future, anything is possible. The more complicated a system gets, the more attack vectors it has. Two factor auth isn't a panacea, it never will be.

But two factor auth, if an option, is usually a smart option to take, if you don't mind putting up with it. It's one of the best, widely used options available to us.

The problem with that is, many people hate it. It's more security than they want to put up with and avoid it if possible. That is until they are compromised somewhere important to them, then they're all in for 2-factor.

I do unique passwords and 2-auth wherever I can.

davepdx

(224 posts)
26. Thanks for your reply.
Thu Sep 22, 2016, 08:02 PM
Sep 2016

I agree that 2 factor authentication isn't a panacea and I agree with your overall perspective here. I just wasn't aware of any widespread circumvention of 2 factor authentication to date. There are ways to circumvent it but those that I am aware of require control of or access to the person's cell phone, landline telephone or even their email (where authorization codes could be sent).

2 factor authentication is a bit of a hassle but it is certainly far better than not using it imo. I too use strong, unique passwords for every website or account that I have. And I use KeePass for storing all my login ids and passwords. To me it is simply a very minor hassle to use these tools as I have many hundreds of login ids and password pairs to store and use.

apnu

(8,758 posts)
27. +1, you're doing it right
Thu Sep 22, 2016, 10:50 PM
Sep 2016

I like KeePass because I can keep the file on me. I just don't fully trust the cloud, though Last Pass works really hard to get my attention.

 

jberryhill

(62,444 posts)
7. Yahoo has "hundreds of millions of users"?
Thu Sep 22, 2016, 10:02 AM
Sep 2016

I find the uncritical acceptance of that "fact" interesting.

There may be zillions of zombie accounts, but I seriously doubt that Yahoo has "hundreds of millions of users".

This may be devastating to the Nigerian economy.

still_one

(92,417 posts)
8. They destroyed the U.S. version of their finance page. What used to be the best
Thu Sep 22, 2016, 11:28 AM
Sep 2016

finance page on the internet, they revamped it with adware, reorganized the navigation, and it is now so slow it is not usable.

Fortunately the Canadian yahoo site didn't get the "new look and feel", and it works just fine.

Canadian Site:

ca.finance.yahoo.com

I wonder if Verizon has a case against Yahoo, if Yahoo was aware of this, and didn't disclose it?

True Dough

(17,331 posts)
14. Yes, I always found their charts to be among the best
Thu Sep 22, 2016, 01:28 PM
Sep 2016

The problem with the Canadian site is that it lacks some of the financial details on small and micro cap companies that the American site offers. That data can be found elsewhere, but it means navigating through multiple sites (not a bad idea if you're planning to make a stock market investment anyway).

Glimmer of Hope

(5,823 posts)
28. Oh thank you! I used the finance site for many years and find the new site unusable too.
Thu Sep 22, 2016, 11:03 PM
Sep 2016

I will try the Canadian version.

apnu

(8,758 posts)
10. The new normal. Breaches are no longer a matter of "if" but "when"
Thu Sep 22, 2016, 12:39 PM
Sep 2016

Expect any and all Internet services you use will be breached some day.

Here's a tip: Never recycle passwords. Start using a password vault and have unique and very hard passwords for all logins you have professionally and personally.

KeePassX is a good one if you like installing an app on your devices and keep your password vault locally. Lastpass is a fine cloud based one with many kinds of plugins for various browsers and devices.

Whichever is fine. Or some other password manager you find, but never recycle passwords again.

Sunlei

(22,651 posts)
25. If I was going to buy them, I'd want them to update all user information & purge inactive accounts.
Thu Sep 22, 2016, 05:21 PM
Sep 2016

The Corp. reset everything. All users who want their account/email back will have to 'verify' to make a new password, security questions and get the account back. Purge will clean out several years of server storage space, includes photos sharing site Flickr and the blogging platform Tumblr. Provide the buyer (Verizon) with updated clean account information including current phone number as part of the new security.

Why don't we have thousands of people complaints by now from an 'information dump' 2 months ago? (millions of accounts) Just my opinion.

Buckeye_Democrat

(14,858 posts)
29. That MIGHT be true.
Thu Sep 22, 2016, 11:08 PM
Sep 2016


I still have a very old Yahoo account with none of my personal information. I tried to create another one years later, but I stopped when I saw the steps to verify my identity.

I get a steady stream of requests from Yahoo to update my information and to give them a cell number for verification purposes (supposedly for my benefit somehow), but I never do it. I figured there might indeed be a data breach someday.

milestogo

(16,829 posts)
30. I use the strong password generator
Fri Sep 23, 2016, 12:06 AM
Sep 2016

and a password keeper.

You just have to make sure the password doesn't have any characters you can't type in your mobile phone if you need to. Like |

https://strongpasswordgenerator.com/
