News

Yahoo Announces New Data Breaches

by Cate Carrejo

Embroiled tech company and email giant Yahoo announced new data breaches on one billion accounts late Wednesday. The user information was stolen in 2013, and may have included names, email addresses, telephone numbers, dates of birth, passwords, and encrypted or unencrypted security questions and answers, according to Yahoo's Chief Information Security Officer, Bob Lord. The company confirmed that this was a different breach than the one from 2014 which announced in September, in which 500 million accounts were breached. At the time, that breach was considered to be the largest in history — the newly announced breach, however, easily eclipses that previous record.

There's widespread speculation that this announcement may hurt Yahoo's planned acquisition by Verizon, particularly with the 2.5-percent fall in its stock price during after-hours trading on Wednesday. The mega-merger, which had Verizon set to pay $4.8 billion for Yahoo's core business, may need renegotiation to determine its new value in the wake of this most recent announcement. Once valued at over $100 billion near the end of the dot-com boom of the late 90s, Yahoo's stock and valuation collapsed as it failed to keep pace with other tech companies and struggled to find its niche in the digital marketplace.

According to Yahoo's official statement on the incident, the breach did not involve any credit card or bank account information, so the damage to consumer may be minimal. However, the implications of the breach may be far more serious than its immediate consequences — the company indicated in the statement that it believes a foreign government sponsored this hack, as well as the one announced earlier this year. "The company has connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed [in] September," read the statement.

In conjunction with the CIA's recent announcement regarding the Russian government's alleged interference in the presidential election, Yahoo's announcement is another indicator that the cybersecurity of American corporations and governmental agencies is poised to be a top priority in coming years. It's becoming increasingly clear that digital infrastructure is an easily exploited weakness, and leaving it undefended could have dire consequences for the stability of both the public and private sector. The Yahoo hack itself could have been much worse, but it also reinforced a vision of a grim future where technological privacy is subject to the whim of almost anyone in the world.