Proton Mail security advisory regarding Yahoo Hack

Proton Team


Yahoo has confirmed what the security community long suspected: a massive breach of over 500 million email accounts, including both credentials and security questions.

October 4, 2017 Update: Yahoo now confirms that the hack impacts 3 billion accounts, not the 1 billion or 500 million that were previously reported.

Email’s changing threat model

In the past couple of years, a growing number of high-profile email hacks has clearly demonstrated that the threat model for email has changed dramatically. Where previously there was a reasonable expectation of security and privacy in email communications, it is now evident that most email systems are simply not capable of protecting user data. Yet email remains an essential part of our lives and an integral part of our digital identity.

At Proton Mail, we are addressing this problem by taking a completely different approach to email security compared to every other major email provider. We have a different threat model, where our starting assumption is that a security breach is inevitable, and we have designed our entire architecture around that premise. This is because in our view, the existing paradigm of cyberdefense, which is “keep the bad guys out,” is a failed approach.

There are a multitude of methods through which server security can be breached, and an attacker only needs to exploit a single vulnerability once, while a service provider must constantly mount a successful defense against every attack vector. In short, cybersecurity is a form of asymmetric warfare that decisively favors the attacker, and as we have seen time and time again, even sophisticated tech companies with competent security teams, such as LinkedIn and Yahoo, have been breached. It is therefore safe to assume that every service will eventually be breached; 100% security simply does not exist.

This is the reason Proton Mail was designed from the ground up with end-to-end encryption. If the working assumption is that servers storing data will eventually be breached, the next best option is to never hold readable data in the first place. Because customer emails are encrypted on the client side before they reach Proton Mail servers, Proton Mail does not have the ability to decrypt any of the emails stored on our systems. In the event of a compromise, attackers cannot steal what we don't have: the mailbox password and the contents of your messages.

We believe that in the current rapidly deteriorating cyber environment, with the rise of more numerous and capable state-backed actors, end-to-end encryption is the only viable approach to data security. While we are confident in the approach we have taken, Proton Mail does not exist in a bubble, and in today's interconnected world the Yahoo breach does have significant consequences for a proportion of Proton Mail users.

What to do if you are a Yahoo user

If you have ever had a Yahoo account, there are three steps that you should take immediately.

1. Change your password and security questions

It is prudent to assume that ALL Yahoo passwords are now compromised, especially since some Yahoo passwords were stored with the insecure MD5 hash, which is fast enough that leaked hashes can be cracked by dictionary attack in bulk. Furthermore, we know that the Yahoo breach also leaked security questions and answers. This means that if you used the same passwords or security questions from your Yahoo account on other accounts, you should immediately change those passwords and security questions. We recommend never using the same password between services.
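To make the point about fast hashes concrete, here is an added example (not from the Proton advisory) that runs the same dictionary attack against a constructed breach dump of unsalted MD5 hashes and against the same passwords stored with salted, iterated PBKDF2. The dump, the accounts, and the wordlist are all constructed for the demonstration; the assumption that the leaked hashes were unsalted is the weakest case and is made here for illustration.

```python
"""Why leaked fast-hash passwords should be treated as plaintext.

Added example, not from the Proton advisory. The breach dump and the
wordlist are constructed; the dump mimics the shape of a leaked table of
email addresses and unsalted MD5 hashes (an assumption about the format).
"""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Constructed accounts. The dump is built by hashing these so the example is
# self-checking; an attacker would only ever see the hash column.
CONSTRUCTED_PASSWORDS = {
    "alice@example.com": "password",
    "bob@example.com": "123456",
    "carol@example.com": "password",   # same password as alice
    "dave@example.com": "correct horse battery staple",
}
LEAKED_DUMP = [
    f"{email}:{hashlib.md5(pw.encode()).hexdigest()}"
    for email, pw in CONSTRUCTED_PASSWORDS.items()
]

# Constructed stand-in for a cracking wordlist; real lists run to millions.
WORDLIST = ["qwerty", "password", "letmein", "123456", "iloveyou", "dragon"]


def crack_unsalted_md5(dump: List[str], wordlist: List[str]) -> Dict[str, str]:
    """Dictionary attack on an unsalted MD5 dump: one hash per guess, total.

    With no salt, a single precomputed table serves every account in the
    dump, and two users with the same password show the same hash.
    """
    table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    cracked = {}
    for line in dump:
        email, digest = line.split(":", 1)
        if digest in table:
            cracked[email] = table[digest]
    return cracked


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = 600_000) -> bytes:
    """Salted, iterated PBKDF2-HMAC-SHA256. Returns salt || digest."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt + digest


def verify_password(password: str, stored: bytes, iterations: int = 600_000) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def crack_salted(stored_by_email: Dict[str, bytes], wordlist: List[str],
                 iterations: int = 600_000) -> Tuple[Dict[str, str], int]:
    """The same dictionary attack against salted PBKDF2 hashes.

    Returns the recovered passwords and the number of KDF evaluations it
    cost: every (account, guess) pair is computed separately, and each one
    costs `iterations` HMAC calls rather than a single MD5 call.
    """
    cracked, work = {}, 0
    for email, stored in stored_by_email.items():
        for guess in wordlist:
            work += 1
            if verify_password(guess, stored, iterations):
                cracked[email] = guess
                break
    return cracked, work


if __name__ == "__main__":
    print("unsalted MD5:", crack_unsalted_md5(LEAKED_DUMP, WORDLIST))
    salted = {e: hash_password(p, iterations=1_000)
              for e, p in CONSTRUCTED_PASSWORDS.items()}
    print("salted PBKDF2:", crack_salted(salted, WORDLIST, iterations=1_000))
```

Three of the four constructed accounts fall to a six-word list against MD5 with six hash computations in total, and alice and carol are exposed together because they share a hash. Against the salted store the attacker must spend one full KDF per account per guess, and the only password that survives either attack is the one that was not in the wordlist, which is why the advice above is to change every password that was reused and never to reuse one again.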

2. Unlink your other online accounts from Yahoo

Because Yahoo is a major email provider, if you have signed up for any other service using your Yahoo address, your accounts at those other services may also be compromised. This is because the email address used to register for a service can usually also be used to recover a forgotten password. An attacker who has access to your Yahoo account therefore has a path into every other account that was registered with it.

Because Yahoo is most likely fully compromised, you should unlink all of your other online accounts from Yahoo. For example, if you signed up for Facebook using Yahoo, you should change the email address in your Facebook account to a different email address.

If you are a Proton Mail user, be aware that we allow account recovery via email. If your recovery address is a Yahoo address, a compromise of that Yahoo account could also lead to a compromise of your Proton Mail account! We recommend changing your recovery email address to a non-Yahoo address, or removing the recovery address entirely.

Note that even if your Yahoo account is compromised and is used to reset your Proton Mail login password, your Proton Mail messages are still protected. This is because Proton Mail uses end-to-end encryption: resetting the login password is not sufficient to gain access to your already encrypted messages, since the key that decrypts them is never held by our servers. The reset does hand the attacker control of the account from that point on, however, so removing the Yahoo recovery address remains essential.
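The following is an added example, not Proton's code, that models the property described above: a server that can verify and reset a login password but holds only ciphertext and a public KDF salt for the mailbox, so an attacker who controls the recovery address can reset the password and log in, yet downloads nothing readable. It uses only the Python standard library; the HMAC-SHA256 keystream is an illustrative stand-in for a real cipher such as AES-GCM or OpenPGP, and the account names, passwords and messages are constructed.

```python
"""Why a recovery-email password reset does not expose end-to-end encrypted mail.

Added example, not Proton's code. Models a login password the server can
verify and reset, plus a mailbox password that only ever exists client-side.
PBKDF2 derives keys; keystream_xor is an unauthenticated HMAC-SHA256
stream-cipher stand-in used only so the example runs offline.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Tuple


def kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=32)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with HMAC(key, nonce || counter) blocks; same call decrypts.
    Not authenticated; do not use in place of a real AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class Server:
    """Holds a login verifier, the public mailbox KDF salt, the recovery
    address and ciphertext. It never sees a mailbox key."""

    def __init__(self) -> None:
        self.accounts: Dict[str, dict] = {}

    def register(self, user: str, login_password: str, recovery_email: str) -> None:
        salt = os.urandom(16)
        self.accounts[user] = {
            "login_salt": salt,
            "login_verifier": kdf(login_password, salt),
            "mailbox_salt": os.urandom(16),
            "recovery_email": recovery_email,
            "mailbox": [],  # list of (nonce, ciphertext)
        }

    def login(self, user: str, login_password: str) -> bool:
        acct = self.accounts[user]
        return hmac.compare_digest(kdf(login_password, acct["login_salt"]), acct["login_verifier"])

    def reset_login_password(self, user: str, from_address: str, new_password: str) -> bool:
        """Whoever controls the recovery mailbox can do this: the Yahoo scenario."""
        acct = self.accounts[user]
        if from_address != acct["recovery_email"]:
            return False
        acct["login_salt"] = os.urandom(16)
        acct["login_verifier"] = kdf(new_password, acct["login_salt"])
        return True

    def store(self, user: str, nonce: bytes, ciphertext: bytes) -> None:
        self.accounts[user]["mailbox"].append((nonce, ciphertext))

    def fetch(self, user: str) -> List[Tuple[bytes, bytes]]:
        return list(self.accounts[user]["mailbox"])


class Client:
    """Encrypts before upload; the mailbox password never leaves this object."""

    def __init__(self, server: Server, user: str, mailbox_password: str) -> None:
        self.server, self.user = server, user
        self.key = kdf(mailbox_password, server.accounts[user]["mailbox_salt"])

    def send(self, plaintext: str) -> None:
        nonce = os.urandom(16)
        self.server.store(self.user, nonce, keystream_xor(self.key, nonce, plaintext.encode()))

    def read_all(self) -> List[bytes]:
        return [keystream_xor(self.key, n, c) for n, c in self.server.fetch(self.user)]


def attack_via_recovery_email() -> dict:
    """Attacker controlling alice's Yahoo recovery address resets her login
    password, logs in and downloads the mailbox. Returns what each side sees."""
    server = Server()
    server.register("alice", "login-pw-1", "alice@yahoo.example")   # constructed
    alice = Client(server, "alice", "mailbox-pw-secret")
    alice.send("Q3 payroll attached")
    alice.send("Doctor appointment Tuesday")

    # 1. Reset through the compromised recovery address; 2. log in with it.
    assert server.reset_login_password("alice", "alice@yahoo.example", "attacker-pw")
    logged_in = server.login("alice", "attacker-pw")
    # 3. The fetched mailbox is ciphertext; the reset password is not the mailbox key.
    attacker_view = Client(server, "alice", "attacker-pw").read_all()
    return {
        "attacker_logged_in": logged_in,
        "attacker_reads_plaintext": any(b"payroll" in m for m in attacker_view),
        "owner_reads": [m.decode() for m in alice.read_all()],
    }


if __name__ == "__main__":
    print(attack_via_recovery_email())
```

The attacker's login succeeds and the download succeeds, but every message comes back as bytes that only the original mailbox password can turn into text. Note what the model does not protect: from the reset onward the attacker holds the account, can send as the user, and would be able to read anything encrypted to a key issued after the reset, which is why the advice is to remove the Yahoo recovery address rather than rely on the encryption alone.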

3. Delete your Yahoo account

Given Yahoo's abysmal track record when it comes to security, and the fact that Yahoo has previously willingly abetted and assisted government mass surveillance efforts, Yahoo is not a company that should be trusted with your personal data and communications.

To protect yourself from identity theft, the disclosure of sensitive personal communications, and other threats, you can remove this exposure entirely by deleting your Yahoo account. This is something that we strongly recommend, especially since more secure alternatives to Yahoo Mail, such as Proton Mail, are also available for free.

With these steps, you can greatly reduce the chance that the Yahoo hack harms your private email communications or the rest of your digital life. If you are a business owner, we also recommend checking out our guide on how to prevent email hacking.

You can get a free secure email account from Proton Mail here.

We also now provide a free VPN service.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan. Thank you for your support!
