Yahoo Data Breach: The Largest Breach in History

Posted on at






(image source: itsecuritything.com)
Yahoo logo.


Hello everyone! It’s nice to be back blogging. I’ve been stuck doing drawings for my Watch Me WIP series lately. I guess I had a lot of fun doing it that I’ve spent so much time over it. I am so glad because one of my Watch Me WIP videos received a 5 star review. Wow! Thanks a lot bitLanders! It means a lot to me.

BitLanders surely knows how to show appreciation to their users. One of these is rewarding us with additional buzz bonus for sharing quality content. Recently, along with the announcement of Sir Micky about the new daily task and buzz bonus rewards, there was also a new blog task posted that would offer an even higher reward. Yes, there are blog tasks here on bitLanders, although not often. 

The latest task posted is to blog about the Yahoo! data breach. I don’t usually participate on blog tasks but I want to try this one because I also have Yahoo accounts. Moreover, I would like to know better about this incident known to be the largest data breach in history.


What is a Data Breach?



(image source: scmagazineuk.com)
How safe is your information online?


Data breach is an illegal access to confidential information such as your name, birthdate, address, phone numbers, security questions, online accounts, passwords, etc. Victims of a data breach are prone to identity theft and other malicious attacks because basically, your confidential information is now exposed to an unknown person with an unknown intent.


The Yahoo Data Breach


(image source: securelink.com)
About 1.5 billion users feared to be affected by the breach.


The internet community especially Yahoo users, were taken by surprise and shock upon an announcement last December 2016 when Yahoo said a data breach had occurred last 2013 possibly affecting 1 billion Yahoo accounts. That is twice the number of their first disclosure last September 2016 when they said a data breach was made last 2014 which had affected approximately 500 million accounts.



(video source: ABC News via Youtube)
The Yahoo data breach reported in December 2016.


The incident was a very terrible act in the digital world and with about 1.5 billion users affected, this was considered as the largest data breach in history.


Forged Cookies



(image source: tripwire.com)
Of course, forged cookies are not the edible cookies. 


According to Bob Lord, Yahoo’s Chief Information Security Officer, hackers made use of “forged cookies” to infiltrate accounts. 

What are forged cookies?

Forged cookies are bits of codes that stays in the cache of a browser which will allow the hacker to access accounts without the need of a password.

A lot of people complain about the lack of security feature of Yahoo and as to why Yahoo took so long to inform everyone about it. Well, here's a LINK which explains why it took them so much time.


A State-sponsored Hack



(image source: true-tech.net)
Yahoo data breach was believed to be a state-sponsored hack.


Would you believe the breach affecting 1.5 billion accounts was only done by two people? The FBI suspects the Russian government behind the breach wherein two people were hired to carry out the hacking. A 22-year-old Canadian named Karim Baratov and a 29-year-old Latvian named Aleksey Belan were believed to be the hackers. Baratov has already been arrested while Belan is still being searched.

Authorities believed that the real motive of the breach was to spy. Then I believe it is not just a simple act of hacking but something that goes deep to a more malicious objective that involves political matters.


Informing the Users



(image source: print screen from Yahoo mail by Katsanslimites)
A portion of Yahoo's notice about the data breach.

Last December 2016, Yahoo users received a mail informing them about the breach and that their account was among the accounts being hacked. They requested their users to change their passwords immediately. The notice did not only instructed the users to change their passwords but also reminded them to avoid opening and downloading attachments from suspicious mails. While they are working to strengthen Yahoo's security, they encourage their users to use the Yahoo Account Key which is an authentication tool that removes the need of using a password.

Yes, I received the mail too and immediately change my password. If you’re a Yahoo mail user and still haven’t change your password, please change it now. You may also use the Yahoo Account Key for a more secured account.


Effects of Data Breach to Yahoo



(image source: comingsoon.net)
Verizon to acquires Yahoo.


The breach issue had caused a major disadvantage for Yahoo. Aside from its reputation, the company's selling price was also put to risk. Before the breach, telecommunications company Verizon was in negotiation of buying Yahoo. However, due to this unpleasant incident, from the original price of $4.8 billion, Verizon now only wants Yahoo for $4.48 billion which is less $350 million. Such a hefty price drop there! But we can't argue with that especially with the issue Yahoo is going through.

Yahoo selling price wasn’t the only one affected by the incident. Yahoo CEO Marissa Mayer didn't received her 2016 cash bonus and as Verizon acquires Yahoo, CEO Marissa Mayer will resign.


Be Aware!



(image source: webautobook.com)
Be careful with what you click and share online.


My friends, I could think of one thing right now. The internet is a dangerous place despite the advantages it gives to humans. I would call it a paradise in the wild where these hackers are the wolves that will sneak and devour you in the dark.

I just hope Yahoo has now made stronger security features aside from the Yahoo Account Key that would prevent these pesky hackers from doing more malicious actions. And may this be a reminder for all of us to be more responsible users. As much as possible, do not share too much personal information, protect your computer, be vigilant of the suspicious activities on your accounts, and most of all, think before you click.


Introducing Querlo


(image source: linkedin.com)
Querlo logo.


Now, before I end this post, let me share something interesting. As hackers become more aggressive, companies should consider other possible ways to gather data from their customers.Today we have a chatbot named Querlo.



(image source: print screen from Querlo chat by Katsanslimites.)
A sample chat of Querlo chatbot.


Querlo is a chatbot that communicates with its customers in a more detailed manner. A chatbot with a heart, indeed. Aside from knowing its customers in a more specific way, it also informs them about the organization or brand. It also has a real time database to ensure the precision of data.

You can watch the video below for further explanation about Querlo:



(video source: Katsanslimites via bitLanders)
Querlo, a Chatbot with a Heart.


Here's a chat box for you to know more about Querlo:


 

Thanks for reading!



✧Katsanslimites



About the author

160