Official TEKConn Blog

Yahoo breach has multi-tier effects

The Yahoo data breach has affected different levels of potential victims, from users to governments.

The Yahoo data breach has affected different levels of potential victims, from users to governments.

The recent impact from the massive Yahoo data breach has had effects on several different levels. Although the actual breach event took place years ago, the real fallout only became clear recently. To understand the significance of this action, we have to look at the ways it's reached users, the company and even politicians.

First, though, a quick explanation. According to a September 2016 statement, a "state-sponsored actor" stole a copy of information from the Yahoo network, potentially affecting more than 500 million user accounts, with information possibly including encrypted passwords and phone numbers, among other possibilities.

Later, in December, another statement identified a separate breach connected to 2013, also invalidating any unencrypted security credentials. In this case, the data is reportedly associated with more than 1 billion accounts. Yahoo's CISO, Bob Lord, gave security advice to users and also said it would notify potential victims.

"The data is reportedly associated with more than 1 billion accounts."

User impact
It's most obvious to see how this group is affected. They will likely have to change their original passwords and take other precautions to avoid further risk.

The large list of potential victims also puts many different users on the defensive, especially given the large amount of people involved. The ongoing nature of the investigation also leaves the effects open-ended.

While it's speculation, the dissatisfaction of Yahoo users could also lead to an unfavorable reaction against the company, adding to distrust in this and similar services.

Business impact
Yahoo has undoubtedly suffered in the wake of these revelations. A pre-arranged sale to Verizon is still somewhat unsure due to the fallout from the more recently-reported breach. Ars Technica said that Verizon's plans for Yahoo aren't clear, since Verizon could theoretically abandon the purchase, despite having potential plans for the company.

Despite this, it seems safe to say that Yahoo is set for major changes. The source also added that CEO Marissa Mayer may leave the business and that it could change its name entirely to Altaba as it shifts its role away from its previous independent status as a tech company.

Government impact
It wasn't just those using Yahoo's services or doing business with it that faced problems after the fact. Australian source ABC.net.au reported on the way Australian officials were compromised in the aftermath of the breach.

The source said that members of the Australian government were among those put at risk in the high-profile hack, and that this was partly due to Yahoo's attempts at encryption being outdated. It spoke to Deakin University lecturer Dr. Adam Molnar about the right path to take now.

"The Australian Government should be doing an evaluative assessment of the information contained within those accounts to see how others could use that information, or if they have already used that information, either to gain a foothold into their own networks through malware attacks or any other kind of attack," Dr. Molnar said.

For New York IT consulting, reach out to TEKConn.