Yahoo is facing a lot of scrutiny right now after the company revealed yet another massive hack to its customers. Earlier this year, Yahoo finally admitted to having 500 million user accounts compromised during an attack back in 2014 but it turns out that wasn’t even the worst of it. Today, Yahoo finally revealed that its servers had been compromised back in 2013, leading to the credentials of 1 billion users being stolen, which could very well cost the company its buyout deal with Verizon.
Verizon placed a $4.8 billion bid to acquire Yahoo earlier this year and despite admitting to the 2014 hack a few months back, the buyout was still going to go through. However, after today’s revelation that 1 billion accounts were compromised in 2013, Verizon is said to be looking to back out of the deal entirely.
Image Credit: Blender
This is according to sources speaking with Bloomberg, who claim that Verizon may also consider lowering the amount it is willing to pay to acquire Yahoo in the face of this attack. Verizon is currently looking into the damage these attacks have caused to Yahoo, they are also assessing legal liability in case Yahoo ends up being taken to court over these hacks and the lack of disclosure.
Following news of this latest attack, Yahoo shares dropped by over 4 percent and according to cyber security scientist Kenneth Geers who works at the firm Comodo, this hack may have been entirely down to Yahoo’s lack of interest in properly protecting its users: “Yahoo should know that it is an invaluable target for cybercrime syndicates and nation-states and invest the resources to protect its data accordingly. The use of vulnerable MD5 hashes suggests that Yahoo was not paying sufficient attention to security.”
Discuss on our Facebook page, HERE.
KitGuru Says: It seems that Yahoo has been pretty irresponsible in its security practises over the last few years, which isn’t a good sign for any of its users. The 2014 hack was bad, but the fact that this has happened twice on such a large scale is crazy and the fact that it took years to give customers notice that their information had been compromised is appalling. I do wonder if any legal ramifications will be handed down due to this though.