1b Yahoo Users Hacked
Please visit Chris's editorial sponsor.
Verizon thought that for $5 billion, it was buying yahoo!'s customers... now those customers are changing their passwords, or just changing to other providers.
On the cover:
In December of 2016, Yahoo disclosed a new security breach that may have affected more than one billion accounts. The breach dates back to 2013 and is thought to be separate from a massive cybersecurity incident announced in September 2016. Yahoo now believes an "unauthorized third party" stole user data from more than one billion accounts in August 2013. That data may have included names, email addresses and passwords, but not financial information.
Sale of yahoo! endangered by hacking!
And as it turns out, it's not. Yahoo! is in the middle of being sold to Verizon, with the price set at $5 billion. That's an insultingly low figure for an Internet firm. Then again, it's been a long time since Yahoo! was a technology leader. Verizon thought that for $5 billion, it was buying customers and getting a little technology. Now those customers are changing their passwords, or just changing to other providers.
Repeated breaches have undermined confidence in Yahoo!, and the Verizon deal. Verizon is making sounds that the price tag may need to be... discounted. When one corporation buys another, there is a veil of secrecy that makes any operational details fuzzy. Such as, who knew what about the hack, and when. It doesn't appear that Verizon knew about the September hack until well after it happened, and the deal to sell was already in play.
Sadly, only part of the problem is Yahoo! If your firm has a well-known name and you are in any way connected to the Internet... you've been hacked! Oracle and Steam have been hacked. Citi has been hacked. There are many other firms that may have been hacked, but if it was a smaller attack or if the corporation believes that it was not an effective break in, it may never be publically reported. Of course, if the hacker is more skilled than corporate security, does the corporation they really know what happened?
When a story begins with international hacking, we expect it to end with China. China has been identified as the source of the hacking at the New York Times, the FDIC, and the US Office of Personnel Management. Now, after the 2016 elections, we hear that that Russia is also hacking in the US. Is there anyone left who isn't trying to pry into our passwords?
The worst of it, for many average users, is that even if you don't use Yahoo!, you should still change your passwords, which you probably keep on the back of an envelope somewhere. How many of you have multiple accounts because you've lost your id or password, or maybe you never wrote down the answers to those annoying security questions. It's not a coincidence that there are now so many tools to store your login info. Half of which just might be fake services trying to steal your passwords!
One thing that we can say is that, at least for now, hacking is evolving faster than security. We can all expect to see more stories on hacking, from Yahoo! and from every other big corporation. Banks and financial firms will have new rules in 2017, and will be required to report more small security hacks than in the past. They will need to issue reports to regulators faster. We will learn about hacks that failed or that perhaps weren't even true hacks, but were instead just glitch. The more that corporate America reports hacking, the more we that regulators will create even more new reporting rules. Expect to hear so many stories about security breaches that we start to go a bit numb!
So, remember to change your passwords, and change them often. In fact, I just got an offer in email for a new tool to manage my passwords. Hey, it will also manage my credit card information! For Free! Gee, I wonder how they can make any money?
Chris Niccolls, Contributor: Chris Niccolls is a New York-based operations, productivity, and outsourcing expert. As an investment banking executive, he became a voice for Wall Street offshoring, developing centers in India, the Philippines, Fargo (USA) and Bristol (UK). Chris has worked in the world’s largest investment banking, legal and insurance firms, and has developed outsourcing advisory groups for New York and London banking firms. He was also a prize-winner in Outsource’s Writing Competition Summer 2016. Chris... (more...)