The Silver Lining In Your Cloud TM

Critical Cybersecurity Alert: Yahoo Breach Exposes 500 Million Users

Warning: if you have a Yahoo email account, you should reset your username, password, and security questions right away. This advice goes out to your employees as well, especially if they use their Yahoo email accounts for password/account recovery or use the same passwords for their Yahoo and work account logins.

In an article published on September 22, 2016, at 3:27 pm, CNN Money stated that Yahoo “confirmed on Thursday data ‘associated with at least 500 million user accounts’ have been stolen in what may be one of the largest cybersecurity breaches ever.”

Such a massive data breach is virtually guaranteed to have far-reaching consequences.

What’s the Risk for You?

Because of the sheer size of this data breach, it’s highly likely that someone in your organization will be affected by it. Some of the stolen data included “unencrypted security questions and answers” that could allow hackers to hijack the compromised account.

Yahoo and other email providers are often used as account recovery portals for any number of other services. With access to a user’s Yahoo account login, hackers could submit false password reset requests to take control of other accounts—up to and including accounts with admin privileges inside of your organization.

From here, hackers could wreak havoc by uploading malicious software such as ransomware or stealing data from your network.

How Was the Hack Spotted?

According to the CNN Money article, “the breach is said to have occurred in late 2014,” but the breach went unreported until it was “first rumored in August when a hacker who goes by the name of ‘Peace’ claimed to be selling data from 200 million Yahoo users online.”

There was no detection of a breach, no warning until a hacker began openly trying to market the stolen data—more than a full year after the initial breach. As noted by the CNN article, “two months later, it turns out the situation is even worse” since there were far more compromised accounts than the data on the 200 million accounts the hacker was trying to sell.

This supermassive hack highlights the dire need for strong intrusion detection and prevention in all businesses.

Once again, we urge anyone with a Yahoo email account to change their usernames and passwords as soon as possible and to do the same for any online account that uses their Yahoo email for their account/password recovery.