时间:2025-04-03 12:08:32 来源:网络整理编辑:休閑
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been
What a spectacular mess, Yahoo. At least 500 million accounts across your myriad services have been hacked. Data ranging from phone numbers to date of birth, email addresses, phone numbers and security questions (but, mercifully, not decrypted passwords) have been in the hands of black hats for not a day, a week or even a month, but five months or more.
SEE ALSO:If you use any Yahoo services, here's what to do following the massive breachYou left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
The exclamation point at the end of the company's official name is supposed to symbolize action, but what Yahoo did over the past four months is the opposite of action.
They waited and wondered and left all of us holding the hacked data bag. For that reason, Yahoo forfeits the exclamation point.
You left us all hanging out there is the wind for FOUR MONTHS, Yahoo. What the hell?!
If, upon learning this Yahoo data breach news you are not as outraged as I am, you should be. Yahoo is a vast collection of sites and services including Yahoo Mail, Flickr, Tumblr, domains through Yahoo Aabaco Small Business, Yahoo Finance, Yahoo Messenger and more. Suffice to say, if you have 500 million users, you’re big and the impact of a data breach is potentially massive.
Even if your various Yahoo accounts show no signs of a breach, that doesn’t mean they weren’t hacked or that the information has not been used. People with your name, phone number, date of birth and answers to your security questions(!) could have enough to do some triangulation and certainly have engaged in some identity theft by now. Again, you might have a disreputable doppelgänger somewhere and not even know it. The key to good identity theft is to create fake profiles of people and do just enough to not get caught, but still make it profitable for the identity thief.
Also, even if you haven’t used many of your Yahoo services in a while, if the data in the breach is accurate, you’re still at risk.
Before you or I go any further, though, let’s pause a moment to change all of our freaking Yahoo passwords.
Okay. With that all done, we can dive into the other burning questions.
Why did Yahoo wait all these months to confirm that the data was real?
Back in June, reports emerged that the data for as many as 200 million Yahoo accounts was for sale on the Dark Web. A hacker ironically named “Peace” claimed responsibility and, according to The Hacker News, was selling it all for 3 bitcoins (almost $2,000).
Opening up about the hack might have derailed its long sought strategic exit.
Yahoo acknowledged the existence of the possible breach, but would not verify that the data was in fact theirs (or, really, ours). In a way, I can understand why Yahoo didn’t come right out and say they were hacked. Opening up about the hack might have derailed its long sought strategic exit.
Back in March, Yahoo set a deadline for all suitors interested in snapping up its web and associated businesses. By the spring, the field had narrowed with Verizon leading the pack. Yahoo closed the $4.83 billion deal with Verizon in late July, a little more than a month after news first broke of the Peace Hack and Yahoo’s potential connection.
Revealing publicly that all that data (and more) was actually there could have potentially derailed the deal or at least delayed it significantly. I wouldn’t expect anyone to actually back out of a deal with a company that’s been hacked. If that were the benchmark for deal-making, it’s unlikely any deals would be made.
In Thursday’s Yahoo press release on the massive data breach, it repeatedly calls the investigation “ongoing,” as if to say, “We couldn’t notify you because the authorities hadn’t actually figured it out yet."
I don’t buy this. The data was out there on the Dark Web for months and simply had to be matched against Yahoo’s own actual user data -- a match that probably could have been made in hours or at least days. Even if it took weeks, does anyone believe it would have taken as many as 16 weeks?
In the same release, Yahoo also seems to try and hide behind a “this is happening everywhere defense.” It’s true, cyber hacking is nearing epidemic and scary proportions. Yahoo also claims to be proactive, saying that it’s had a program in place since late last year to detect when a “state-sponsored actor has targeted an account.” So far, they have notified 10,000 users of such attempts.
This little bit of self-congratulatory detail, though, is all the more galling when compared to the half a billion Yahoo customers who have not, until now, been notified.
I asked founder and CEO of Cybersecurity Ventures Steven Morgan if I was being unfair to Yahoo. "In my opinion it took four months for Yahoo! to think about how to deal with the reputational damage that comes with the hack. They should have a good PR plan by now," he wrote in an email.
Let this serve as a warning to all other sites and online services that have not stepped forward to claim hacked data on the Dark Web as their own. “The investigation is ongoing” is not an excuse. We demand an abundance of caution. Tell us even when there’s the smallest possibility you were hacked and recommend we change our passwords today. We’ll complain, be annoyed and drag our heels, but we will act and, some day, thank you.
TopicsCybersecurityYahoo
Plane makes emergency landing after engine rips apart during flight2025-04-03 11:50
張稀哲:國足尚未開始技戰術訓練 李鐵強調快節奏高對抗2025-04-03 11:30
女足張馨怒懟網友:想diss我歡迎來戰 麻煩都放聰明點2025-04-03 11:29
足協12強賽臨時黨支部召開支部委員會會議 王大雷出席2025-04-03 11:01
Tyler, the Creator helped Frank Ocean celebrate 'Blonde' release in a delicious way2025-04-03 11:00
皇馬通牒巴黎本周完成姆巴佩轉會 否則就撤回報價2025-04-03 10:28
最後一戰?姆巴佩頭頂腳踢演雙響 職業精神打滿分2025-04-03 10:02
國足多哈首次安排一日兩練 上午專門安排力量訓練2025-04-03 09:41
Twitter grants everyone access to quality filter for tweet notifications2025-04-03 09:35
王燊超:習慣去適應多個不同位置 場上對穆伊不會客氣2025-04-03 09:32
The Weeknd teases new music in Instagram post2025-04-03 11:59
藍軍飛翼門線手球染紅引爭議 雙方為此爆發衝突2025-04-03 11:35
國足熟悉澳大利亞防線球員 需重點關照進攻端兩人2025-04-03 11:34
澳大利亞經曆新老交替國足迎機會 武磊:我們非常有信心2025-04-03 11:12
This weird squid looks like it has googly eyes, guys2025-04-03 11:02
國足首訓超5萬人淩晨觀看 滬媒:這隻是一個平台的數據2025-04-03 10:46
阿爾特塔:曼城第二球明顯犯規 紮卡染紅影響很大2025-04-03 10:39
28日賠率 :阿森納難逃慘敗曼城 利物浦不勝切爾西2025-04-03 10:07
Hiddleswift finally followed each other on Instagram after 3 excruciating days2025-04-03 09:42
亞伯拉罕打開進球賬戶 穆帥慧眼識珠激活藍軍棄將2025-04-03 09:22