Data breaches have become all too common. Today’s headlines are littered with stories of cyber theft and security failures. Yahoo! is the latest victim. With over 500 million user accounts compromised, this could be the largest data breach in history. But Yahoo! is far from alone. So far in 2016, we’ve learned about security breaches at Linkedin, the U.S. Department of Justice, Oracle, Dropbox and many others. Is there anything that can be done to stem the tide?
According to cybersecurity expert Por Thorsheim, the Yahoo! breach “will cause ripples online for years to come.” In a statement from Yahoo! addressing the issue, they provided some information about the types of user data that was affected. “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.” Scary stuff. Yahoo! has since recommended that you change your passwords and your security questions and answers as soon as possible.
Yahoo! maintains that the accounts were compromised in late 2014, but according to the Wall Street Journal they just became aware of the breach this year. This long delay between when the data was compromised and when the company even became aware of the breach should be troubling to any online user, especially Yahoo! Account holders. In an open letter written by the U.S. Senate and addressed to Yahoo!, these frustrations were given voice. “We are even more disturbed that user information was first compromised in 2014, yet the company only announced the breach last week. That means millions of Americans’ data may have been compromised for two years. This is unacceptable.”
Yahoo! certainly failed to perform their due diligence in protecting user data. How can you avoid not noticing if such a catastrophic security failure has happened at your business and avoid the mistakes Yahoo! made? CIO recommends a five step process:
- Address the breach immediately
- Form a security task force
- Thoroughly test your security fixes
- Contact outside parties
- Resolve any related issues
Data breaches can happen to any company regardless of size. But with the right IT Managed Services, you can rest easier knowing that your systems are secure.Give us a call at 816-781-3006 and we can discuss the right plan for you and your business!