Yahoo in Deep Waters Over Their Mail Security Breaches
One of the things that companies spend thousands and even millions of dollars on every year is security. What they are now securing this time has left the normal physical materials and assets that we have now been too familiar with but something more profound and valuable, and could cause a whole lot more damage if stolen – data and information. When a website is created, or a platform is launched, the coders and developers need to make sure that they have put in place every necessary plan to stop breaches and people that might want to steal data from them. This doesn’t mean that they hackers and data thieves, whoever they are, would not still try, but it does mean that the said companies would be ready when this hack starts to happen.
However, there might have been a little bit of negligence on the part of Yahoo for a hack that occurred on their systems, and when we call it little, we might just be putting it mildly. There has been a series of coordinated attacks on the hands of Yahoo for a while now, and whether they have known for a while and just wish to keep it under wraps or for sure, they are just getting to know for true, it is still and unforgivable offence that they have let something like this grow under their noses for three years, in the least. With the first hack taking place in the August of 2013 and the next one taking place as recently as 2014, Yahoo itself confirms that they might have been so slack that more than 1 billion accounts have been compromised in these hacks. Yes, you read right – the figure stands at one billion accounts.
For a while now, even before any issue of hacks surfaced on the internet, a lot of users have been complaining about how less time and dedication Yahoo has for the security of their mail accounts. This is so much that their mail service does not detect spam messages and move them accordingly like other mail service providers do. Looking at the kind of changes (or lack thereof) that the company has implemented over the years, one is willed to think that they have just left the mail platform to keep generating income on its own while the focused on the building of other things Yahoo.
Speaking on the issue of the hack is a high ranking official of Yahoo, the Chief Officer of their Information Security department and in his words, the hack was done by means of cookies which were left on the browser of each user and would mean that they would not need a password the next time they wanted to get access to such accounts. According to him also, these cookies were not of the Yahoo mail origin but were specially forged ones by the hackers themselves. Unfortunately, this still links back to Yahoo because the hackers would have had to gain access to the proprietary code of Yahoo in the first place.
In a statement published by the global mail provider itself, it was admitted that the first hack occurred in the month of August 2013, and with the figures going up to 1 billion accounts, this is still the biggest data breach that there has been in the history of all data breaches. This number just managed to be twice that which the company discovered in the year 2014 and unveiled as recently as September, an attack that was blamed on the involvement of elements of government bodies. The hack was only discovered in the month of November when law enforcement agents visited the company and gave them what was said to be user data obtained from a third party, and it was – even containing the forged cookies that this whole event has been pinned on so far.
Since this issue has started to see the light of day, Yahoo has been under increased pressure not only from their users, of which some are threatening to take legal action but also from high officials in the government and Verizon, with whom they have some deal in place. After they had made it known that there was a breach in their systems in the month of September, they received a petition from not less than 6 senators in the United States alone and of these was the senator from Vermont, Patrick Leahy, who also happens to be one of the high-ranking members of the judiciary committee of the Senate board. One of the concerns that the senator states, and which has been on the minds of many, is why they didn’t let us know of the breach which has been unearthed a few years ago, until recent weeks. From Verizon, they face the same issue, and they could see their price go down drastically when the buyout is to be fully implemented.
According to a Verizon lawyer, Craig Silliman, the security breach that was announced in September has gone a long way to damage the reputation of the brand and he believes that this would go a long way in decreasing the value at which the Big Red would purchase them. Email breaches are not a small issue to users because everyone would love to make sure that their details and personal information remain safe, and for now, Yahoo cannot guarantee that. With about one billion passwords, usernames, birthday dates and the likes out there on the black market now, there is no telling what evil can be done, or has already been done, with these details.