As reported on major news outlets yesterday, Yahoo has just announced a security breach that occured in 2014 which has resulted in the loss of information affecting approximately 500 million of their user accounts. The attack appears to have been sophisticated and involving a nation state sponsered attacker. Nation state attackers are usually funded and directed by a foreign government, however these claims have yet to be substantiated and should be treated with caution.
So how does this affect the average Yahoo user? According to news sources, they do not believe any financial data (credit cards) has been lost, but other data should be considered compromised. "The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers," Yahoo said in a statement.
If you have a yahoo account you should immediately change your password. If this password is shared between other internet accounts such as paypal, amazon, banking sites, etc. They should also be changed as soon as possible. We encourage all users to maintain different passwords for each site they register for, and to use password vault tools such as KeePass or LastPass to help organize and maintain their passwords.
As more information is released we will update this article with appropriate information.