WASHINGTON ? Struggling Internet giant Yahoo is facing a class action lawsuit for one of the largest data breaches in history that affected some 500 million users, two US law firms representing the plaintiffs said in a press release.
Last week, Yahoo announced in a statement that a state-sponsored actor had hacked its networks in late 2014 and stole user personal information including contact information, passwords, and dates of birth.
“Labaton Sucharow LLP and Robbins Geller Rudman & Dowd LLP jointly filed a class action today against Yahoo? concerning an unprecedented breach of the tech giant’s security affecting approximately 500 million users,” the release stated on Friday, Sept. 23.
Yahoo, the release continued, exhibited reckless disregard for the security of its users’ personal information and should be held responsible for damages rendered.
The release claimed that the 2014 data breach of Yahoo?s network was the largest from a single site in history.
Yahoo noted that it is cooperating with law enforcement agencies concerning the hack. The Internet giant also said it has worked to enhance its network systems to prevent future attacks.
Meanwhile, the National Privacy Commission (NPC) reiterated its recommendations for Yahoo users to change their passwords on their email accounts.
Other than changing their Yahoo log-in credentials, the NPC also recommended that Yahoo users change log-in credentials of their other online accounts where they might have used their Yahoo email for account verification purposes.
?The security questions on Yahoo might also have been compromised and it would be a good idea to revise the security questions or disable that feature,? the agency said.
The NPC also recommended activating a two-part authentication to gain first time access to your account. ?Two-part authentication uses a phone number you provided to verify your identity,? it explained.
According to NPC commissioner Raymund Liboro, a compromised email account can be an avenue for a hacker to gain access to other personal on-line accounts of an individual, from social media sites to on-line payment portals.
?That is why it is important to maintain good password hygiene, use pass phrases with numbers or special characters instead of single words, take note of log-in attempts into your account/s that weren?t initiated by you, and change your password/s two to three times a year, or as many times as you change your toothbrush? Liboro added.
It was revealed at a Microsoft Cybersecurity Summit for government agencies that it takes an average of 502 days for system administrators to detect a security breach. ? with reports from PNA/Sputnik