September 2016

Yahoo Account Information Breach

What Happened?

In late 2014, state-sponsored hackers obtained account information (including names, phone numbers, security challenge questions with answers, and hashed passwords) for 500 million Yahoo accounts.

What is the Risk?

While the passwords exposed were hashed, weak or short passwords will be compromised over time by password cracking tools.

Dropbox Password Leak

While Dropbox is not approved for Harvard data, we realize many members of the community use it for personal data. For University data, you may use departmental shares or Harvard’s instances of Google Drive, OneDrive, and SharePoint.

What Happened?

A security incident at Dropbox in 2012 resulted in the breach of 60+ million email addresses and password has. Dropbox has forced password resets for affected users.

What is the Risk?