Professional Documents
Culture Documents
Yahoo System Intrusion Discussion
Yahoo System Intrusion Discussion
Name
Institution
Instructor
Course
Date
SYSTEM INTRUSION DISCUSSION 2
In 2013 and 2014, yahoo, currently known as Altaba faced what would be the biggest
breach in the history of public companies. The attack that compromised about three billion user
accounts was announced in December 2016, still making the company the first publicly traded
company to be fined $35 million by SEC for failing to disclose the attack. The attack in 2014,
real names, and security numbers for about 500 million users. In 2016, the company disclosed
another breach that occurred in 2013 that compromised about 1 billion user accounts. The attack
propagated by a different user compromised dates of birth, email addresses, security questions,
names, addresses, and passwords linked to the user accounts. After the revision in 2017, about 3
billion user accounts have been compromised. The announcement of the original 2013 breach
was badly timed. The company was in the process of being acquired by Verizon in which yahoo
was paid about $4.48 billion for yahoo’s core internet business. The data breach resulted in about
It was unfortunate that the company failed to issue a sweeping statement expected to give
public reassurance that the company was remitted to cybersecurity in a meaningful way.
However, security notices first sent to yahoo users in September 2016 and October 2017 were
posted on the company brand website. The emails sent did not request users to click any links,
download any attachments or ask for personal information. Avoiding this was a notice yahoo
was giving to its users to differentiate legit emails and attempts to steal personal information
according to Thielman (2016). Most importantly, the company went the extra mile to develop
three strategies to prevent future attacks. The first strategy was to stop invalidated unencrypted
security questions and answers. The second one is to continuously enhance the systems to detect
SYSTEM INTRUSION DISCUSSION 3
and prevent unauthorized access and lastly, was to require all affected and unaffected accounts to
change their passwords. To aid the recovery process, the company also promised to work with
the US intelligence during the investigation. Verizon Inc., which is part of yahoo also promised
References
Thielman, S. (2016). Yahoo hack: 1bn accounts compromised by biggest data breach in history.
Yahoo help. (2017). Yahoo security notices | Yahoo help - SLN27927. Retrieved March 14,
guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuY3NodWIuY29tLw&guce
_referrer_sig=AQAAAJpy1_SaKryTAL-xzCxNJm01EPIUnC-tVdpHey5hb--
t5NTKpfyjscRsty5FZiNB8VjLFruFep-smeJhSeYiWeqvhqS3K-
sx63eu7m4iQa37c8pf3DM6KyrXHHZm1djob8AnNRvbv5z2euHXr3sVrUeP_BRNMlZ
eEMgXsMXLzNIp