The American multinational technology company Yahoo, which has been around since the mid nineties has once again been hacked. This time it is more serious than ever before and a total of around one billion accounts have been identified in the biggest known breach in history as gleaned by The Guardian, Aljazeera, CNBC and numerous other sources.
This particular event has contributed towards the overall security risks evident in storing your information on another corporation's network. Customers take for granted that their personal and private information is safe and secure online.
Having your private information stolen is a both a huge ethical as well as legal concern and has far reaching impact when it comes to how you communicate in this day and age.
It is common for individuals to use their private email to authenticate onto numerous other online presences and retrieve personal information such as medical records, tax records and banking information.
By having access to your email account, a hacker has direct access to all of your other online profiles and services.
They are able to get free reign into your private life which main contain direct access to social media and other accounts which can be accessed as easily as requesting a change of password from a simple reset link send directly to you or the hacker.
The difficulty in addressing a hack of this nature is that many users tend to use the same credentials for various other online properties and if a hacker has access to one account, changes are they are able to access most other services as well.
The hack was said to contain customer information such as names, addresses, birthdates, phone numbers, passwords, security questions and answers, yet Yahoo stated that "payment information as well as passwords were not stored in plain text format" and instead were encrypted using an MD5 checksum.
Following the breach, the New York Times said on their site that "This is only the tip of the spear in what we are going to see and in 2017 when more cloud data is aggregated there will be just as many of these cloud providers getting hit". This is quite nerve wracking to hear, especially with so much reliance on these types of companies at the moment.
We have so much trust in the security we believe is being applied to these online companies; we trust our personal information to them and even store our children and family's life photos, videos and memories on them. We use services such as Dropbox, Google Drive, Gmail, Hotmail and Yahoo without even thinking about the potential side effects of something going wrong and what impact it can have on our lives and financial situations.
This has been extremely detrimental to Yahoo as a company given that Verizon Communications (an American owned Telecommunications giant) made it public earlier on in the year that they were set to purchase Yahoo for more than $4.8 billion. After news of this breach they were thinking about lowering their bid but have since pulled out of the deal entirely.
This could also mean that numerous other smaller companies that hold various deals with Yahoo could and possibly should consider swapping out to competitors in the market who have better security teams to keep their customers safe.
With every incident that seems to have occurred at Yahoo over the past few years, they continue to lose their ever shrinking market dominance they may once have had back in the dot com bubble of the late nineties to early two thousands. People have definitely been losing trust in Yahoo as a company for a long time now and this last breach has only made it even worse. Various technical leaders have been recommending that everyone move away from Yahoo's email service to more reliable services such as Google's Gmail service which don't appear to have these types of problems.
Potentially the most interesting thing about this incident are the claims by Yahoo themselves that "the attack was sponsored by a government entity" but they have not identified it specifically at this point.
The popular security news site "Security Week" discussed the source of the attacks pointing towards Russia, China, or North Korea as potential candidates given their track record up until this point with similar types of hacks.
It is still unknown as to who carried out these data breaches on Yahoo themselves as well as why Yahoo kept it a secret for so long after it happened back in August 2013 as well as September 2014.
References:
How Yahoo's 1 billion account breach stacks up with the biggest hacks ever (2016) – Available from: http://www.cnbc.com/2016/12/15/how-yahoos-1-billion-account-breach-stacks-up-with-biggest-hacks-ever.html (Accessed on 18th December 2016)
Yahoo suffers world's biggest hack on one billion users (2016) – Available from: http://www.aljazeera.com/news/2016/12/yahoo-suffers-world-biggest-hack-1-billion-users-161215034225047.html (Accessed on 18th December 2016)
New York Times – (2016) – Available from: http://www.nytimes.com/2016/12/14/technology/yahoo-hack.html?_r=0 (Accessed on 18th December 2016)
Yahoo Lost Everybodys Info Biggest Hack In History (2015) – Available from: https://www.youtube.com/watch?v=wqcvnaAbWbY (Accessed on 18th December 2016)
Yahoo suffers world's biggest hack affecting 1 billion users (2016) – Available from: http://finance.yahoo.com/news/yahoo-says-hackers-stole-information-221214183.html (Accessed on 18th December 2016)
Hacked Yahoo Data Is for Sale on Dark Web (2016) – Available from: http://www.nytimes.com/2016/12/15/technology/hacked-yahoo-data-for-sale-dark-web.html (Accessed on 18th December 2016)
Stolen Yahoo Data Includes Government Employee Information (2016) – Available from: https://www.bloomberg.com/news/articles/2016-12-15/stolen-yahoo-data-includes-government-employee-information (Accessed on 18th December 2016)
Russia? China? Who Hacked Yahoo, and Why? (2016) – Available from: http://www.securityweek.com/russia-china-who-hacked-yahoo-and-why (Accessed on 18th December 2016)