Sky customers told to change passwords after massive Yahoo hack

Sorry, you’re actually a Yahoo user.

Graham Cluley
Graham Cluley
@[email protected]

Sky customers told to change passwords after massive Yahoo hack

Yahoo provides Sky customers with email services. And, as you’ve no doubt heard, Yahoo has just officially confirmed that it was massively hacked back in 2014 – exposing some half a billion customer records.

Where does that leave Sky email customers? Sadly in the same boat as Yahoo customers.

Here is what Sky is telling its customers:

Sign up to our free newsletter.
Security news, advice, and tips.

At Sky, we take the security of our customers’ data and information extremely seriously.

You may have seen that overnight Yahoo! announced that a copy of certain user account information was stolen from its company’s network in late 2014. Yahoo! is the provider of email accounts.

If you are a email holder, in line with the advice provided by Yahoo!, we advise that you change your passwords online and follow good password management practices.

Good password practices means ensuring that you’re not reusing the same password anywhere else online, making sure that your passwords are strong, hard to crack and impossible to guess.

My advice? Get yourself a decent password manager and – where possible – enable two-step verification to further defend your online accounts.

Of course it’s worth remembering that it’s not currently thought that the passwords of those 500 million Yahoo users have been stolen. But other credentials have been (email addresses, phone numbers, dates of birth, and sensitive security questions and answers).

And that’s still enough information for online criminals to cause a mischief and potentially break into accounts.

You can read more advice in my article on the Yahoo breach.

A similar warning has been issued for users of BT Yahoo Mail.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Sky customers told to change passwords after massive Yahoo hack”

  1. Matthew Parkes

    As per the message I sent Graham on Twitter the other day, Sky takes customers security seriously by limiting passwords to using letters & numbers only !!!!!

    And something I bet they are also kicking themselves for, at least I would hope is that they didn't get Yahoo to enable 2SV on Sky accounts when it was first introduced despite customers back then asking for it.

    1. Bob · in reply to Matthew Parkes

      2SV is good practice but the severity of this attack would probably have rendered it useless simply because Yahoo had so much material compromised.

      2SV will make it more difficult against somebody who guesses your password; it won't stop a determined hacker or an actor who substantially compromises (as is the case here) an organisation's systems.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.