Near the end of September 2016, Yahoo had a surprising announcement about their security: a group of hackers (known as “Peace”) succeeded in a security breach against the major tech company. The group reportedly acquired a handful of personal information including names, email addresses, phone numbers, birthdays, and hashed passwords of over 500 000 000+ users from around the world. With such an incredible number, it really is not surprising hearing this event being called “the world’s worst security breach to date!”
The result of the majority of security breaches is greatly based on the strength of the passwords. Yahoo has indicated that the hackers used supercomputers to decrypt the hashed passwords, meaning that the simple passwords containing only lowercase letters (ex. “password”) and sequences of numbers (ex. “12346”) were in most cases compromised. Since it’s uncertain whether or not any given user’s information has been stolen, Yahoo urges its customers to take steps to protect themselves from identity theft.
That being said, the steps to take in protecting one’s information aren’t that different from the usual steps, and mostly just consist of resetting your password (regardless of the strength) and adding a two-step process to your account security (alternate sign-in questions, backup passwords, etc.). If you have a Yahoo account linked to anything important, it would be a wise decision to verify the integrity of your account and make sure nothing suspicious is going on. Even if you don’t have a Yahoo account changing your password every now and then will make it difficult for anyone to access your personal accounts, so change it anyway. I know I haven’t done that in years.
As of now, it isn’t certain if there was a valid motive behind the attack, but there have been plenty of reports of Yahoo consumers being contacted to buy their accounts back from the hackers. Yahoo has come out to the public saying that a foreign government seems to be the ones to blame and that, although it has not given an exact timeline, the hack happened recently. Some rumours say that the attack may have been a slow ongoing process since 2014, but there is no telling for certain.
The users aren’t the only group that have to suffer for the hackers’ actions. Yahoo has had to endure some massive consequences in the stock market. The announcement was published at an unfortunate time since Verizon was in the process of acquiring Yahoo. The major hack is predicted not to sit well with Verizon and analysts expect a penalty fine for the hacked tech company.
Although Yahoo should have taken more care, part of the responsibility also falls on the users themselves who should be taking care to keep their passwords strong and non-essential information confidential. That being said, this hack is a signal for all other tech companies as well, indicating the importance of user security and the lack of care that has gone in to protecting customers. Expect other computing companies to take some hints from this incident and be ready for some bonus security measures to prevent this from happening again.
Leave a Reply