Yahoo’s latest hack of 1 billion accounts has proved as a worst case example of an unnerving but increasing common phenomenon of cyber espionage. On Wednesday, Yahoo made it official that it has experienced a largest cyber attack in his company’s history as more than a billion user credentials were leaked by hackers.
The California-based web services giant said that a cyber attack of August 2013 became a root cause of the recent hack. In September 2014, Yahoo made an official disclosure that more than 500 million user accounts were hacked by a hacking group of a foreign nation. A probe later clarified that the data spill was done by the same hackers who stole critical database info in 2013.
As of now, Yahoo Tech has denied media reports that the latest data spill has led to any specific repercussions for yahoo users. But the statement comes close after the disclosure made by US Intelligence that Russians might have hacked democratic emails just before the presidential elections and might have also involved in hacking the database of a major health insurer and a government office that manages millions of critical data files related to federal employees.
“The lesson from Yahoo’s data hack is clear and that is “No organization is immune to compromise”, said Jeff Hill, Director of Product Management for Cyber Security, Prevalent.
Government hackers
The main interest of Government hackers is not to break into the bank accounts, but to manipulate the database to demoralize the political and financial stability of a nation.
In recent years, hacking groups which are being nurtured by foreign governments are getting busy in stealing vital info such as emails of political stalwarts and Hollywood moguls to embarrass their dignity. Their main aim could be to eventually influence the political framework of the 2016 presidential election.
“Cyber espionage is going digital like other things in the world”, said Steve Grobman, Chief Technology Officer at Intel Security. He foresees the vision of cyber criminals were data will be used as a digital weapon, either to leak or fabricate info to damage individuals and governments in future.
Mr. Grobman feels that Yahoo’s latest data breach can turn into an expensive deal breaker, referring to Verizon’s intention to buy Sunnyvale company, Yahoo Inc.
It is a known fact that early this year, Verizon Communications made it official that it is going to buy Yahoo for $4.8 billion in 2017.
Two hacks, more than a billion accounts
Yahoo believes that the same hacker who hacked its database in August 2013 has committed the repeated offense of leaking 500 million user credentials in September 2014 and now in December 2016.
But the Sunnyvale-based web giant is yet to identify the source of the 2013 intrusion.
As per Yahoo Tech, the company which offers world’s second best web search engine is believed to have more than billion active users on monthly basis. The count, nevertheless, includes those holding multiple accounts.
The American Technology giant has made it official that the stolen info in both attacks includes names, email addresses, contact numbers, DOBs, and related security Questions & Answers.
Yahoo assured that data related to bank accounts and payment cards was unaffected.
Hackers in both instances have pulled out passwords which were protected by a cryptographic technique called hashing. So, technically, those stolen passwords will remain secure and inaccessible to them.
But as hackers are gaining online access to sophisticated dictionaries related to scrambled phrases, they could use those huge databases to easily match the content against stolen passwords. Thus, nothing seems to be secure in the digital world.
This means that all those yahoo users who use the same password for different online services can invite more trouble in near future.
Yahoo has asked its users to change their passwords on an immediate note and has also requested its users to invalidate security questions which could be used by cyber crooks to hack their respective accounts.
Security experts believe that the database hack of Yahoo which happened in 2013 could be the work of a foreign nation fishing for data of specific people. As the data was not hacked to put it on sale, it could not be the work of ordinary criminals….then guess who?
That means most Yahoo users need not worry about the latest hack, said JJ Thompson, CEO of Rook Security.
Verizon needs to think on these questions
The recent hack of yahoo database will definitely jeopardize the plans of Verizon to buy Yahoo. That’s because if users of Yahoo choose to deactivate their accounts, then it may not turn into a valuable transaction to Verizon. This may make the New York-based telecom giant lower the purchase price. The company might also be put off the deal on a permanent note.
Verizon Communications intention to buy Yahoo was to help build a digital ad business in coming years.
After learning about the hack of 2014, Verizon said that it will re-negotiate the sale price of Yahoo. But on Thursday morning, the telecom company said that it will review the new hacking development and will reach to the final conclusion in coming days.
Gartner Analyst Avivah Litan predicted that security lapses on Yahoo’s side might make its prospective buyer(Verizon) re-negotiate the sale price.
But on the other hand, Yahoo strongly feels that the 2014 hack hasn’t affected the User trust or traffic to its services, hinting that Verizon should stick to the original terms in order to go ahead with the deal.
On the other hand, the latest hack made Yahoo shares fall by 96 cents, or by 2% taking the overall share price to $39.95.
