Yahoo is an Internet service company. It has been targeted by the cyber-attack and it is caught up in one of the major data breaches till date on record. There have been two important data breaches of user accounts. User data has been revealed to the hackers during the second half of 2016. First publicly announced breach has been reported in September 2016. It has stated that the attack had occurred sometime in late 2014, and this had affected over 500 million Yahoo user accounts. Another data breach had occurred around August 2013 but was officially reported in December 2016. This attack is believed to have affected over 1 billion user accounts by exposing their confidential information. Later, the internet service company confirmed in October 2017 that all 3 billion of its user accounts were compromised because of this cyber-attack. Both of the above-mentioned breaches are considered to be the biggest data breached which has ever happened in the history of the Internet. Specific data which has been compromised because of this data breach include names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, date of birth, and hashed passwords.
Further, Yahoo reported that the late 2014 breach likely used manufactured web cookies to falsify login credentials, allowing the hackers to gain access to any account without providing a password.
Motivation of the attack
Following the 2014 data breach, Yahoo claimed that intrusions and thefts by state-sponsored actors have become common across the technology industry. Yahoo has not particularly mentioned any country who might be behind this cyber-attack, but few of them suspect China or Russia to be behind this data breach.
A security advisor claimed that China would be his top suspect behind this attack because China likes to collect and store all kinds of information and they have already had access to various kinds of information.
Few people have expressed doubt about Yahoo claims that the attack being state sponsored, as it would be less embarrassing for Yahoo to accept that a cybercriminals group has been involved as it has been in the middle of being acquired by Verizon.
Yahoo has been criticized for finding about these breaches after the damage has been done and for their late disclosure about the breaches and their security measures has faced several lawsuits as well as investigation by members of the Congress of United States. This breach had a major impact on Verizon Communications. Verizon had a deal with Yahoo to acquire it in July 2016 for about $4.8 billion. These data breaches resulted in a decrease of $350 million on the deal and it has been closed in June 2017.
Class action Lawsuits
There have been almost 23 lawsuits files against Yahoo related to its data breach in 2014. In one lawsuit it states that the personal financial matters have been compromised whereas the other lawsuit contends that Yahoo acted with negligence in dealing with the security breach as well as the way they reported it. Another lawsuit has been filed against Yahoo following their December 14 announcement in 2013, which states that Yahoo failed, and continues to fail, to provide necessary protection to its users personal and confidential information.
Not just the United States government, but also the foreign governments have shown serious concerns following the data breach from Yahoo. They have asked Yahoo to communicate and provide all the details of the data breach to the EU authorities and to notify the users of Yahoo about the adverse effects which they might need to be facing and also warned Yahoo to be prepared for the national data protection authorities enquires in the upcoming days. Germany’s Information security also criticised Yahoo and stated that “Security is not a foreign concept” and advised the government and the users to seek alternate email and Internet solutions which have much better security measures and who are capable to provide security to the confidential information of the users.
No one knows exactly what happened to the data after it has been stolen in 2013. But last August, a hacking collective which is based in Eastern Europe began offering Yahoo’s information for sale, according to the intelligence gathered by Info Armor, an Arizona cybersecurity company that monitors the darker corners of the web.
Since then, there is assumed to be at least three buyers — two of them who are known as spammers and an entity which has appeared to be more interested in using the stolen Yahoo data for espionage — paid about $300,000 each for a complete copy of Yahoo’s stolen database, Info Armor said after Yahoo first disclosed the breach.
Cybersecurity professionals warned that because many of the three billion Yahoo accounts belong to people who use the same passwords for different sites and services, there is likely to be an escalation of email fraud and account takeovers.
With this stolen data, people who have obtained this sensitive information have a higher chance of gaining access to the victims’ bank accounts, said Frances Zelazny, the vice president of marketing at BioCatch. “Most people reuse passwords or make multiple versions of the same passwords that are easy to hack,” she said.
In March, the Department of Justice also charged four men, which includes two Russian intelligence officers, with the 2014 breach. Investigators said the Russian government used stolen Yahoo data to spy on a range of targets in the United States, including White House and military officials, bank executives and even a gambling regulator in Nevada.
The stolen data was also simultaneously used to spy on Russian government officials and business executives, federal prosecutors said.
From this particular blog, I would like to emphasise on the importance of cyber security measures which are required by any company which deals with the confidential and personal information of their customers. If any breach is supposed to happen by these companies, they would be facing harsh lawsuits and would lose the public interest and the results are going to be catastrophic.