Yahoo hack: What do you do if your account was hacked?

Yahoo announced Thursday that at least half a billion people had their email accounts hacked in late 2014. In a press release, Yahoo said a “state-sponsored actor” was responsible for the theft – meaning, likely, Russia or China.

If you’re looking for some good news in this situation, here it is: the hackers did not get into everyone’s account. Thankfully, Yahoo protects accounts with “hashing,” a type of cryptography that is used to protect passwords, so there is a chance the hackers missed you.

Related: Yahoo confirms hack of 500 million users

However, those of us who use common passwords – looking at you “12345” – are less likely to have escaped unscathed.

Not only are Yahoo email accounts at risk, but Yahoo also owns Flickr and some of those accounts could have been hacked. Yahoo owns Tumblr, too, but they say no Tumbler accounts were affected.

>> Got a question about the news? See our explainers here  

So, whether you know if you’ve been hacked or not, here’s what you need to know and need to do if you have a Yahoo account.

1. Change your password – It seems like a closing-the-barn-door-after-the-horse-is-out moment, but not really. Change your account password in case you were not hacked and to stop anyone who has your password from getting back in. Do that now.

2. While we are on that subject, do not use the same password for other accounts. Using “password1” for everything is like opening gifts on Christmas to a hacker.  

    How do you come up with a secure password? Check this method. It’s a bit of work, but it will be worth it. Yahoo also suggests you enable two-factor authentication (2FA) – a two-step verification process that requires a password and username plus some other bit of information to get into an account.

    Check here for a list of websites that support 2FA.

    3.  If you have been hacked, Yahoo will notify you and will invalidate unencrypted security questions and answers. So those questions about the color of your first car, or your mother’s maiden name won’t work soon. By the way, you should make up not-so-common answers for those questions, too.

    From Yahoo, here are the signs of a hacked account and what to do.

    Signs your account has been hacked

    • Your account information has changed without your knowledge. 
    • There are logins from locations you don't recognize on your recent activity page.
    • You aren't receiving expected emails.
    • Your Yahoo Mail account is sending spam.

    What to do now

    Stop your account from sending spam

    Receiving spam is one thing. Getting reports of spam coming from your account is another. If your account's been hacked to send spam, you can fix it! The fastest way to stop your account from sending spam is to secure your account by creating a new, strong password or enabling Account Key. 

    Report a forged (spoofed) email

    Forged messages are emails that appear to be sent from your email address, but they're actually sent from an entirely different email account. If your Yahoo Mail is secure, but people are still getting spam that looks like it comes from your address, it's probably a forged, or "spoofed," email.

    • View the full header of the email in question.
    • From the last Received line of the full header, take note of the originating IP address.
      - This corresponds with the sender's Internet Service Provider (ISP).
    • Conduct an IP lookup through a site like to determine which ISP provides the sender with Internet access.
    • Contact the sender's ISP to request that appropriate action be taken.

    Email providers can't prevent such forgery, but if fraud is identified, action can be taken.

    Review your Yahoo Mail settings

    • Delete email contacts that you don't recognize.
    • Delete linked Mail accounts that you don't recognize or control.
    • Change your password on any linked accounts that you control.
    • Make sure your vacation response is turned off. 
    • See if someone else has been accessing your account.

    Other commonly changed Yahoo Mail account settings:

    • Signature
    • Sending name
    • "Reply-to" address
    • Mail Forwarding
    • Filters
    • Banned Addresses

    Restore missing email, IMs, and Contacts

    If you're missing emails, IMs, or Contacts, it's possible that you can restore your lost or deleted email and IMs. You may also be able to recover lost contacts.

    Check your computer for malware

    Malware can corrupt your system and capture sensitive information, like passwords and bank account numbers. There are several anti-malware programs you can find online that detect and remove malware on Macs and PCs. 

Reader Comments

Next Up in News

The plan to make Sam Olens president of Kennesaw State is inching forward
The plan to make Sam Olens president of Kennesaw State is inching forward
Attorney General Sam Olens. AJC file The plan to make Attorney General Sam Olens the new chief of Kennesaw State University is inching closer to...
Gwinnett rape suspect gets 3 life sentences for forced jail sex
Gwinnett rape suspect gets 3 life sentences for forced jail sex
A Gwinnett County inmate was given three life sentences Tuesday after sexually assaulting his cellmate on multiple occassions, officials said.
Rain chances, temps to drop
Rain chances, temps to drop
Atlanta weather forecast Today: Few clouds. High: 84 Tonight: Clear. Low: 66 Tomorrow: Mostly sunny.
Shimon Peres of Israel dies at 93; built up defense and sought peace
Shimon Peres of Israel dies at 93; built up defense and sought peace
Shimon Peres, one of the last surviving pillars of Israel’s founding generation, who did more than anyone to build up his country’s...
Fox News host Brit Hume: Hillary Clinton didn't look 'attractive' at debate
Fox News host Brit Hume: Hillary Clinton didn't look 'attractive' at debate
The internet was not happy with comments made by Fox News host Brit Hume after the first presidential debate on Monday.
More Stories

You have reached your limit of free articles this month.

Enjoy unlimited access to

Starting at just 99¢ for 8 weeks.


  • ePAPER

You have read of free premium articles.

Get unlimited access to all of our breaking news, in-depth coverage and bonus content- exclusively for subscribers. Starting at just 99¢ for 8 weeks.


Welcome to

This subscriber-only site gives you exclusive access to breaking news, in-depth coverage, exclusive interactives and bonus content.

You can read free articles of your choice a month that are only available on