Yahoo's massive data breach: what you need to know/do
Last Thursday, September 22, Yahoo "has confirmed that a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor," the company posted on its investor relations page. http://tgcafe.it/2dbrY8ZTHE SKINNY
☕ The breach happened in 2014.
☕ According to Yahoo, the stolen data include names, email addresses, telephone numbers, birthdays, hashed passwords, and some "encrypted or unencrypted security questions and answers."
☕ Yahoo believes no payment card or bank account information was stolen.
☕ Sounds like at least 500 million user account credentials were stolen, which would make it the BIGGEST breach of all time.
☕ Yahoo called the hackers a "state-sponsored actor," though it didn't identify a country behind the breach.
☕ Yahoo says there is no evidence that the hackers still have access to Yahoo's network or internal services.WHAT TO DO
☕ Yahoo has taken steps to protect its users (http://tgcafe.it/2dx4eyd
), including invalidating security questions and answers (not much else they can honestly do) - the real risk is in hackers using the passwords on other websites.
☕ The burden of minimizing the consequences of the breach lies on YOU:
- Change your password on all Yahoo accounts if you haven't done so since 2014 (won't fix anything, but always a good idea) or consider using Yahoo Account Key (http://tgcafe.it/2d4s1mz
), a simple authentication tool that eliminates the need to use a password altogether.
- Change your password and security questions and answers for any other accounts
on which you use the same or similar credentials as the ones used for your Yahoo Account.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.
- Avoid clicking on links or downloading attachments from suspicious emails.YOU'VE GOT TO BE KIDDING ME...
☕ Press reports indicate that Yahoo CEO Marissa Meyer knew about the breach as early as July
, when the company was still finalizing its sale to Verizon.
☕ By law, Yahoo should have disclosed the breach to the public and its investors within four days, but the company didn’t notify Verizon until September 20 and told its users two days later.
☕ In August, TechCrunch heard rumors of a significant Yahoo breach and asked the company about it. A spokesperson for Yahoo told TC at the time, “We are aware of a claim..." http://tgcafe.it/2dmKUFf
☕ Yet on September 9, Yahoo said in a proxy statement, “To the knowledge of Seller, there have not been any incidents of, or third party claims alleging, (i) Security Breaches, unauthorized access or unauthorized use of any of Seller’s or the Business Subsidiaries’ information technology systems.” HA!THE BACKLASH
☕ Sale to Verizon: the language assuring that no security breaches had occurred might give Verizon leverage to renegotiate the deal, or even to walk away, according to the Wall Street Journal http://tgcafe.it/2deEW7N
Will they? Time will tell.
☕ Senator Mark Warner, a co-founder of Nextel and a former startup investor, has called for SEC investigation into Yahoo breach http://tgcafe.it/2dmKUFf
☕ Yahoo is already getting hit with lawsuits according to CNET http://tgcafe.it/2dmSvze
On Friday, the firms Robbins Geller Rudman & Dowd and Labaton Sucharow filed a suit in the US District Court in the Northern District of California. The suit, for which the firm intends to seek class action status, accuses Yahoo of "failure to establish and implement basic data security" and being "grossly negligent" with user data, according to the complaint.
A separate class action suit was filed Thursday in US District Court in San Diego, according to the San Jose Mercury News http://tgcafe.it/2dmLUsZ
. In that case, plaintiffs came to the lawyer BEFORE Yahoo announced the hack, trying to figure out how people were accessing their information.
Many more suits to come? You betcha._______________________________________________________Stay on top of marketing news
image credit: http://tgcafe.it/2dbxrwJ