WASHINGTON, September 22, 2016 – Yahoo executives announced that Yahoo’s site was breached by hackers, exposing information on more than 10 million of its users. This latest corporate security breach demonstrates that the fight against data breaches continues unabated, as major industry leaders have still not implemented effective measures to prevent this kind of ongoing hackery.
— NatlCyberSecAlliance (@StaySafeOnline) September 22, 2016
Yahoo (symbol: YHOO) was aware of the possibility of a breach back in August, when a hacker attempted to sell the usernames, passwords, and birthdates of Yahoo account holders on the Internet black market. The hacker (or hackers) was peddling the information for three bitcoins, or $1,860.
The breach comes as Yahoo works to finalize its $4.8 billion sale to Verizon (VZ). The new owners of the pioneering online search engine and site may very well end up with concerned shareholders and a drop in its stock price. It is expected that after announcing the security breach, Yahoo will soon provide details on how this latest mass data hack has affected Yahoo users. Among likely outcomes, Yahoo at the very least would be expected to force its users to reset their passwords.
All this information comes at a delicate time for Yahoo’s shareholders, many of whom are up in arms that the company’s once highly-touted CEO, Marissa Meyer, is set to take home more than $44 million if she leaves the company when the Verizon deal is finalized. Meyer has been spectacularly unsuccessful in reviving Yahoo, paying too much for a series of largely failed acquisitions even as she and the company failed to launch any groundbreaking products during her tenure.
As a result of this data breach and other issues, Yahoo is now concerned that this latest adverse event could cost them the Verizon deal, depending on what investigators find after looking into the security issue. Yahoo previously encountered a breach by hackers in 2004, when its Yahoo Mail service was compromised, again forcing thousands of users to reset their passwords.
American consumers have grown even more concerned as major companies are continually being attacked. In recent years, major retailers such as Target and Home Depot discovered their systems had been hacked, ultimately costing them millions of dollars in penalties and lost sales. Data breaches have become almost commonplace, as neither corporate nor government and law enforcement officials and CIOs have figured out more reliable ways to defend against these mass data hacks by stopping them before they occur.
What can users do to protect themselves? In the short term at least, the most effective approach is to change your passwords every few months rather than waiting until the next time your accounts are hacked. It’s a pain. But it’s also your first line of defense, at least until corporations and governments get serious about finding a better way.