The cat is finally out of the bag. Yahoo! recently announced that it was hacked, with the personal details of over 500m accounts having been stolen. Of course, users by the dozen flocked to social media to vent their anger – frustrated that it took the company two years to realise there had been a breach.
Amongst the frustrated was Nicola Fulford, head of data protection and privacy at technology and digital media law firm Kemp Little, who was lost for words at how long it took Yahoo! to notice. She said: “Serious questions need to be asked about the effectiveness of the security measures and information governance structures in place.” Now dubbed one of the biggest cyber breaches in history, experts have warned that the hack could also put those not using Yahoo! at risk. As Joon Ian Wong put it: “Stubborn user behaviour and the economics of darknet markets mean the chances of a serious breach at another major internet service increase dramatically with each hack. “When a big cache of hacked passwords ends up traded on darknet markets, it often gets added to password databases. These databases can be used maliciously by hackers, who will try to find passwords reused on other services. It’s the equivalent of trying millions of different keys on a particular door, except it’s all automated and can be done in days.” It’s seen Yahoo! itself urge users to change their passwords and security questions. But that won’t help much, Fulford explained. She suggested the knowledge of security answers could give hackers details of sensitive information about finances, health, family and career. This information could enable someone to build an accurate picture of someone’s life and steal their identity. “The recent tribunal decision relating to the TalkTalk breach held that customers raising detailed complaints can give sufficient awareness to a company of breach.,” she said. “Under mandatory breach notification rules it does not have additional time to then carry out its own investigations before being obliged to notify the breach. Whilst Yahoo! may not be subject to the same mandatory laws as TalkTalk currently, in light of the Verizon deal, it may still regret not being more open with its customers (and the ICO) earlier.”
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
