Running Head: YAHOO CYBER ATTACK

Yahoo Cyber Attack

Name

Instructor

Institution Affiliation

Date
YAHOO CYBER ATTACK
2

Yahoo Cyber Attack

In the year 2013 and 2014 yahoo has had massive security breaches which they

confirmed publicly in September 2016. Well, known cryptologist, Bruce Schneier said, “This is

the biggest data breach ever.” The security breach that occurred in 2014, it is estimated that at

least 500 million people, were affected where their personal information was stolen by the

hackers, they also confirmed that in 2013 a similar attack had occurred and affected more than 1

billion accounts. Since so my people have yahoo accounts which they use for different purposes

like for emails or financial transfers making the incident a big deal. Yahoo officially released a

statement confirming that information which was in the account and had been affected included

client addresses like email addresses, names and birth dates, telephone numbers, and encrypted

passwords.

The security breach at Yahoo was due to low security, this issue caused a lot of panic in

the company and also among clients. Due to this security breach, the majority of Yahoo

employees and customers personal details were hacked and sold in the dark web they later

exposed publicly in the European countries. However, in a statement released by Yahoo

informed the public that none of the client’s bank payment card or any information from the

bank was stolen by the hackers (Walters, R. (2014).

However, Yahoo released a statement that forensic experts were investigating how the

hacker managed to forge cookies which allowed the hackers to reset passwords of several

accounts and gain illegal access. After investigations were conducted by the experts, they

reported there was an inside person who helped the hackers to access their propriety codes which

helped to forge the cookies. The investigation experts also reported that it was able to identify
YAHOO CYBER ATTACK
3

user account for which they believe forged cookies were used or taken and Yahoo also reported

that it was able to invalidate those forged cookies and notified the users (Lee, N. (2015).

“In March, four men were charged by the Department of justice, two of the charge men

were Russians, and were involved in the 2014 breach. The experts reported that the Russian

government had hacked the yahoo servers so that they can spy on various targets in the United

States, including military officials, white house, bank executives and even betting regulatory in

Nevada.” (The New York Time).

As per security firm infoAmor, the dark web purchased yahoo database for $300,000.

Shockingly, three different purchasers, two of them were unmistakable spammers paid the

hackers and picked up the whole data and it to invade clients’ personal information. Yahoo did

not right away tell its employee and customers that their account information had been stolen;

they just kept quiet about the whole situation (Lee, N. (2015). Yahoo’s for of explanation was

that investigation was underway. It might have been illegal as the laws in 47 states expect

organizations to immediately tell their customers when they’ve been hacked as soon as possible.

Due to the advanced technology such attacks have become more regular and common in

the present age. When an organization has been successfully hacked it really affects the

organization negatively and may really affect their customers as they can stop trusting the

services offered by the organization. A cyber attack can cause a social and cultural impact but it

depends on the magnitude of an attack. The yahoo’s cyber attack being termed as the biggest
YAHOO CYBER ATTACK
4

data breach created a lot of panic among the users because it is one of the best email service

providers hence it was popularly used by many people. This attack forced many yahoo customers

to rethink their own privacy setting and data security. Billions of people were affected directly

and indirectly by this cyber attack most of the people lost faith in technology which really

affected economic growth negatively (Watkins, B. (2014.

The yahoo cyber attack was a serious issue and was a wakeup call for many users. Due

to the magnitude of the attack, it created hysteria in the industry( Watkins, B. (2014). Companies

are advised to invest more in technological firewalls and train employee on what to do when

such an attack occurs. Companies should install good security systems which have the latest

technology making it very difficult for hackers to bypass the security system and steal

customers’ private information.

Companies should also have some security measure within the organization some of the

measures include restricting the number workers who can access confidential documents,

creating new password regularly to confidential and new accounts by locking all saved

documents making the passwords to be uncrackable even when stolen, training employees about

IT security so that they can be able to prevent such attacks when they happen finally, ensure

high level of confidentiality with customers personal information in the company, with new

technological inventions like step- two authentications, which creates a one-time password that is

generated and sent to the client’s mobile phone for it to be verified by the user (Goldstein, M. J.

(2015).

The next day after Yahoo had reported openly about the cyber attack it lost $1.3 billion in

market capitalization and their stock price dropped by 3%. However, states like New York,
YAHOO CYBER ATTACK
5

Massachusetts, and California, have implemented certain cybercrime laws that protect and run

business activities in those states, whether organizations are located within their boundaries or

not. These laws have typical clauses requiring reasonable timely alerts to users that their personal

information has been hacked (Weimann, G. (2014).

The yahoo hacks as for now stay to the worlds greatest when tallied by clients influenced.

The hacks demonstrate that various meetings, such as state-supported programmers, may focus

on a particular association and may succeed if the association isn’t arranged well against such

danger. Different kind of attacked are handled differently depending on the magnitude of the

attack and still varies very much depending on the country’s or state’s laws in which such an

incident has occurred, with protection and money related associations think of better approaches

to constrain organizations to verify their information is alright to keep it away from such

enormous attacks.
YAHOO CYBER ATTACK
6

References

Gitlin, M., & Goldstein, M. J. (2015). Cyber Attack. Twenty-First Century Books.

Lee, N. (2015). Cyber attacks, prevention, and countermeasures. In Counterterrorism and

Cybersecurity (pp. 249-286). Springer, Cham.

Walters, R. (2014). Cyber attacks on US companies in 2014. The Heritage Foundation, 4289, 1-

5.

Watkins, B. (2014). The impact of cyber attacks on the private sector. no. August, 1-11.

Weimann, G. (2014). New terrorism and new media (Vol. 2). Washington, DC: Commons Lab

of the Woodrow Wilson International Center for Scholars.