时间:2025-04-03 14:47:33 来源:网络整理编辑:百科
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been hacked. Data ranging from phone numbers to date of birth, email addresses, phone numbers and security questions (but, mercifully, not decrypted passwords) have been in the hands of black hats for not a day, a week or even a month, but five months or more.
SEE ALSO:If you use any Yahoo services, here's what to do following the massive breachYou left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
The exclamation point at the end of the company's official name is supposed to symbolize action, but what Yahoo did over the past four months is the opposite of action.
They waited and wondered and left all of us holding the hacked data bag. For that reason, Yahoo forfeits the exclamation point.
You left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
If, upon learning this Yahoo data breach news you are not as outraged as I am, you should be. Yahoo is a vast collection of sites and services including Yahoo Mail, Flickr, Tumblr, domains through Yahoo Aabaco Small Business, Yahoo Finance, Yahoo Messenger and more. Suffice to say, if you have 500 million users, you’re big and the impact of a data breach is potentially massive.
Even if your various Yahoo accounts show no signs of a breach, that doesn’t mean they weren’t hacked or that the information has not been used. People with your name, phone number, date of birth and answers to your security questions(!) could have enough to do some triangulation and certainly have engaged in some identity theft by now. Again, you might have a disreputable doppelgänger somewhere and not even know it. The key to good identity theft is to create fake profiles of people and do just enough to not get caught, but still make it profitable for the identity thief.
Also, even if you haven’t used many of your Yahoo services in a while, if the data in the breach is accurate, you’re still at risk.
Before you or I go any further, though, let’s pause a moment to change all of our freaking Yahoo passwords.
Okay. With that all done, we can dive into the other burning questions.
Why did Yahoo wait all these months to confirm that the data was real?
Back in June, reports emerged that the data for as many as 200 million Yahoo accounts was for sale on the Dark Web. A hacker ironically named “Peace” claimed responsibility and, according to The Hacker News, was selling it all for 3 bitcoins (almost $2,000).
Opening up about the hack might have derailed its long sought strategic exit.
Yahoo acknowledged the existence of the possible breach, but would not verify that the data was in fact theirs (or, really, ours). In a way, I can understand why Yahoo didn’t come right out and say they were hacked. Opening up about the hack might have derailed its long sought strategic exit.
Back in March, Yahoo set a deadline for all suitors interested in snapping up its web and associated businesses. By the spring, the field had narrowed with Verizon leading the pack. Yahoo closed the $4.83 billion deal with Verizon in late July, a little more than a month after news first broke of the Peace Hack and Yahoo’s potential connection.
Revealing publicly that all that data (and more) was actually there could have potentially derailed the deal or at least delayed it significantly. I wouldn’t expect anyone to actually back out of a deal with a company that’s been hacked. If that were the benchmark for deal-making, it’s unlikely any deals would be made.
In Thursday’s Yahoo press release on the massive data breach, it repeatedly calls the investigation “ongoing,” as if to say, “We couldn’t notify you because the authorities hadn’t actually figured it out yet."
I don’t buy this. The data was out there on the Dark Web for months and simply had to be matched against Yahoo’s own actual user data -- a match that probably could have been made in hours or at least days. Even if it took weeks, does anyone believe it would have taken as many as 16 weeks?
In the same release, Yahoo also seems to try and hide behind a “this is happening everywhere defense.” It’s true, cyber hacking is nearing epidemic and scary proportions. Yahoo also claims to be proactive, saying that it’s had a program in place since late last year to detect when a “state-sponsored actor has targeted an account.” So far, they have notified 10,000 users of such attempts.
This little bit of self-congratulatory detail, though, is all the more galling when compared to the half a billion Yahoo customers who have not, until now, been notified.
I asked founder and CEO of Cybersecurity Ventures Steven Morgan if I was being unfair to Yahoo. "In my opinion it took four months for Yahoo! to think about how to deal with the reputational damage that comes with the hack. They should have a good PR plan by now," he wrote in an email.
Let this serve as a warning to all other sites and online services that have not stepped forward to claim hacked data on the Dark Web as their own. “The investigation is ongoing” is not an excuse. We demand an abundance of caution. Tell us even when there’s the smallest possibility you were hacked and recommend we change our passwords today. We’ll complain, be annoyed and drag our heels, but we will act and, some day, thank you.
TopicsCybersecurityYahoo
The Weeknd teases new music in Instagram post2025-04-03 14:40
11 月 30 日卡塔爾世界杯,英格蘭 vs 威爾士 ,你更看好哪支球隊?(英格蘭3:2德國)2025-04-03 14:23
王倩《你是我的命中注定》熱播 三戲聯播強勢霸屏2025-04-03 13:58
《如果歲月可回頭》戲內戲外歡樂多 靳東笑稱李乃文“李奶蚊”2025-04-03 13:48
Australian football makes history with first LGBT Pride Game2025-04-03 13:44
超級網絡IP《蜀山降魔傳3》開機 仙魔之戰風雲又起2025-04-03 13:30
這一次,鹿晗真的逆風翻盤了嗎 ?2025-04-03 13:11
8月10日《且聽鳳鳴》來了,有多少為了楊超越放棄司鳳和璿璣的 ?2025-04-03 13:01
This 'sh*tpost' bot makes terrible memes so you don't have to2025-04-03 12:56
又出事!《皓衣行》雙感情線內幕遭曝光 ,加戲魔改羅雲熙慘變男二 ?2025-04-03 12:51
Uber's $100M settlement over drivers as contractors may not be enough2025-04-03 14:30
當今社畜的瑣碎卑微生活 ,馮小剛25年前的一部電視劇早就預言過2025-04-03 14:01
馬伊琍 ,不是頻頻換衣服,就叫旗袍美探2025-04-03 13:22
《以家人之名》降至7.7分 ,“齊明月”被疑加戲,戲外情史也被扒2025-04-03 13:09
You will love/hate Cards Against Humanity's new fortune cookies2025-04-03 12:53
貴圈|秦昊問完這兩個問題 ,編劇就認定張東升隻有他能演2025-04-03 12:48
《民國奇探》熱播 胡一天突破自我獲讚“劇拋型”演員2025-04-03 12:47
趙櫻子《長安諾》演繹獨美傳奇女子 美貌智慧雙在線2025-04-03 12:33
We asked linguists if Donald Trump speaks like that on purpose2025-04-03 12:27
65歲趙雅芝曬白素貞飛行自拍,網友調侃:女神拿的是自拍杆吧2025-04-03 12:22