The data and endpoint security landscape is always changing, and news happens fast. Each week we recap some of the top security news stories to help you stay informed. Here’s what happened this week.

Yahoo is investigating a potential data breach after a hacker posted an ad on a dark web marketplace for the sale of 200 million Yahoo accounts. The hacker, who goes by the name Peace, has previously been linked to the sale of breached data from MySpace and LinkedIn.

Using phishing logs to study password patterns, new research has found that people have a tendency to use PIN-style passwords, even when the practice is shown to be incredibly risky.

A group of hackers located in North Korea has been accused of executing spear-phishing attacks on nearly one hundred South Korean diplomats. So far 27 phishing sites have been discovered and shut down.