时间:2025-04-26 17:33:24 来源:网络整理编辑:百科
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been hacked. Data ranging from phone numbers to date of birth, email addresses, phone numbers and security questions (but, mercifully, not decrypted passwords) have been in the hands of black hats for not a day, a week or even a month, but five months or more.
SEE ALSO:If you use any Yahoo services, here's what to do following the massive breachYou left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
The exclamation point at the end of the company's official name is supposed to symbolize action, but what Yahoo did over the past four months is the opposite of action.
They waited and wondered and left all of us holding the hacked data bag. For that reason, Yahoo forfeits the exclamation point.
You left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
If, upon learning this Yahoo data breach news you are not as outraged as I am, you should be. Yahoo is a vast collection of sites and services including Yahoo Mail, Flickr, Tumblr, domains through Yahoo Aabaco Small Business, Yahoo Finance, Yahoo Messenger and more. Suffice to say, if you have 500 million users, you’re big and the impact of a data breach is potentially massive.
Even if your various Yahoo accounts show no signs of a breach, that doesn’t mean they weren’t hacked or that the information has not been used. People with your name, phone number, date of birth and answers to your security questions(!) could have enough to do some triangulation and certainly have engaged in some identity theft by now. Again, you might have a disreputable doppelgänger somewhere and not even know it. The key to good identity theft is to create fake profiles of people and do just enough to not get caught, but still make it profitable for the identity thief.
Also, even if you haven’t used many of your Yahoo services in a while, if the data in the breach is accurate, you’re still at risk.
Before you or I go any further, though, let’s pause a moment to change all of our freaking Yahoo passwords.
Okay. With that all done, we can dive into the other burning questions.
Why did Yahoo wait all these months to confirm that the data was real?
Back in June, reports emerged that the data for as many as 200 million Yahoo accounts was for sale on the Dark Web. A hacker ironically named “Peace” claimed responsibility and, according to The Hacker News, was selling it all for 3 bitcoins (almost $2,000).
Opening up about the hack might have derailed its long sought strategic exit.
Yahoo acknowledged the existence of the possible breach, but would not verify that the data was in fact theirs (or, really, ours). In a way, I can understand why Yahoo didn’t come right out and say they were hacked. Opening up about the hack might have derailed its long sought strategic exit.
Back in March, Yahoo set a deadline for all suitors interested in snapping up its web and associated businesses. By the spring, the field had narrowed with Verizon leading the pack. Yahoo closed the $4.83 billion deal with Verizon in late July, a little more than a month after news first broke of the Peace Hack and Yahoo’s potential connection.
Revealing publicly that all that data (and more) was actually there could have potentially derailed the deal or at least delayed it significantly. I wouldn’t expect anyone to actually back out of a deal with a company that’s been hacked. If that were the benchmark for deal-making, it’s unlikely any deals would be made.
In Thursday’s Yahoo press release on the massive data breach, it repeatedly calls the investigation “ongoing,” as if to say, “We couldn’t notify you because the authorities hadn’t actually figured it out yet."
I don’t buy this. The data was out there on the Dark Web for months and simply had to be matched against Yahoo’s own actual user data -- a match that probably could have been made in hours or at least days. Even if it took weeks, does anyone believe it would have taken as many as 16 weeks?
In the same release, Yahoo also seems to try and hide behind a “this is happening everywhere defense.” It’s true, cyber hacking is nearing epidemic and scary proportions. Yahoo also claims to be proactive, saying that it’s had a program in place since late last year to detect when a “state-sponsored actor has targeted an account.” So far, they have notified 10,000 users of such attempts.
This little bit of self-congratulatory detail, though, is all the more galling when compared to the half a billion Yahoo customers who have not, until now, been notified.
I asked founder and CEO of Cybersecurity Ventures Steven Morgan if I was being unfair to Yahoo. "In my opinion it took four months for Yahoo! to think about how to deal with the reputational damage that comes with the hack. They should have a good PR plan by now," he wrote in an email.
Let this serve as a warning to all other sites and online services that have not stepped forward to claim hacked data on the Dark Web as their own. “The investigation is ongoing” is not an excuse. We demand an abundance of caution. Tell us even when there’s the smallest possibility you were hacked and recommend we change our passwords today. We’ll complain, be annoyed and drag our heels, but we will act and, some day, thank you.
TopicsCybersecurityYahoo
Tourist survives for month in frozen New Zealand wilderness after partner dies2025-04-26 17:23
Listen to Lady Gaga's ludicrously catchy new song, 'A2025-04-26 17:08
Hillary Clinton delivered these 18 zingers to Donald Trump's face2025-04-26 16:52
The New York Times just bought a tech review website2025-04-26 16:14
We asked linguists if Donald Trump speaks like that on purpose2025-04-26 16:11
Why Google is retooling search to put mobile first2025-04-26 16:01
Jeff Bezos says he wouldn't kick Peter Thiel off Amazon's board over political views2025-04-26 15:50
German officials ask Tesla to stop using 'Autopilot' in its marketing (updated)2025-04-26 15:49
Florida hurricane forecast remains uncertain, but trends in state's favor2025-04-26 15:44
Beats By Dre gets Nicki Minaj and other A2025-04-26 15:13
Here's George Takei chilling in zero gravity for the 'Star Trek' anniversary2025-04-26 17:28
A sloth Photoshop battle is the only thing better than a sloth2025-04-26 17:22
Undermined by warm water, Antarctic glacier lost 1,607 feet of ice in under 10 years2025-04-26 17:08
The New York Times just bought a tech review website2025-04-26 16:51
Photos show the Blue Cut fire blazing a path of destruction in California2025-04-26 16:28
Jeff Bezos says he wouldn't kick Peter Thiel off Amazon's board over political views2025-04-26 16:21
Let's not forget the black Vine stars that turned the app into an art2025-04-26 16:09
Walking Dead's Andrew Lincoln talks Glenn, Episode 702 and Shiva2025-04-26 15:27
Plane makes emergency landing after engine rips apart during flight2025-04-26 15:03
Kanye West says there's no 'Watch The Throne 2' because of Tidal/Apple beef2025-04-26 15:00