Could Yahoo!'s security breach indicate a larger issue?

By Sumit Modi

Last week, Yahoo! admitted that in 2014, a wide-scale cyber security breach occurred, affecting 500 million users.


The breach has only just been made public: names, phone numbers, e-mail addresses, and passwords were stolen in what may be the biggest public cyber security hack ever. No payment information was taken, but questions about why Yahoo! has taken so long to recommend that users change their passwords are widespread, and the company's description of the incident as a ‘state-sponsored’ hack raises yet more.

Mark Skilton, a Professor of Practice at Warwick Business School and an expert on cyber security, said of the case:

"While it's not a surprise to hear the magnitude of users that have been corporate hacked - after all the rise of the digital business means everyone is more or less online these days - what is shocking is the date, 2014, and the sense of resignation that some may have to the event. This is far too late for professional cyber security risk management and certainly from the organisational practices inside a company like Yahoo! that one would expect. 

"The other factor is the legal impact for Yahoo! from the reputational impact and liability in losses for customers. This could yet be significant and a headache for Verizon in its planned imminent takeover of Yahoo!

"The lateness of the attack discovery, a whole two years, and the indication that it was a government state sponsored attack suggests both a highly professional stealth attack or perhaps some failure in basic perimeter monitoring by Yahoo!'s internal security practice.  

"Either way, serious questions on internal checking of data breaches must be addressed. There will be a significant internal review in Yahoo! and Verizon to develop a turnaround plan for this hack, but it also suggests a need for a stronger perhaps government and industry role needed to increase cyber protection in the light of the rise in more stealth attacks. 

"The infamous Russian bank stealth attack had a similar slow burn attack from an undetected stealth attack that resulted in an estimated 1 billion euro loss from several banks.

"This Yahoo! situation is not that level of financial loss, but the impact and rise of huge cyber-attacks will need stronger cyber responses."

