Just months after Verizon bought Yahoo there are new revelations about the massive hack the company fell victim to. Initially, it was reported that 1 billion accounts were compromised. Now, new information is showing that the actual number is 3 billion accounts compromised. That’s pretty much every single Yahoo account on record. Corey Williams, senior director of products and marketing at Centrify told us this about the hack:
This is a definitive aftershock of one of history’s biggest and worst breaches. But while most press stories focus on how the breach happened, they’re missing a critical part of the story. They’re not talking about what is being targeted in order to get at the data. The fact is, most breaches happen through compromised identities, stolen passwords or privileged access. Like it or not, when it comes to breaches, all roads lead to identity. We are smack in the middle of an enterprise identity crisis that must be addressed by every organization in the world.
Does this make the breach three times worse than before? Yes, because nearly every online user in the entire world was impacted. Yes, because an email notification is being sent to an additional two billion people announcing that Yahoo failed in its responsibility to protect user information. Yes, because this is another reminder of the black eye on the world’s cybersecurity. Yes, because it reminds us that Russian intelligence conspired “to protect, direct, facilitate, and pay criminal hackers to collect information through computer intrusions in the United States and elsewhere.” (Source)
Verizon conducted a follow-up investigation on the Yahoo hack after they purchased the company and has verified that all accounts were hacked.
“The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft,” Verizon said in a statement.
This is certainly going to go down as a history-making event in cybersecurity and one we hope companies will learn from.
Last Updated on October 4, 2017.