Yahoo puts spotlight on Cyber Security
Yahoo announced last week that it believes that all Yahoo user accounts were impacted by the 2013 data hack that rocked the company. This means that around THREE BILLION accounts were affected by the cyber-attack, making it easily one of the biggest hacks of personal information EVER.
Information stolen in the incident includes email addresses, passwords to those accounts, personal information of individuals such as their birthdates and more.
Yahoo has come under tremendous scrutiny and received a lot of criticism about the way the company dealt with the aftermath of the hack. Despite the attack occurring in 2013 it was not disclosed to the public until December 2016, meaning that potentially billions of individuals were left exposed without any idea of what had happened. Even in December 2016 Yahoo reported that the number of those affected sat at 1 billion; that number has tripled now.
Yahoo is likely to face litigation from users and it’s safe to say the whole thing is a disaster for the company that was bought by Verizon earlier this year.
With the Equifax breach making big headlines as well this year, some are calling for the US to introduce legislation similar to the European GDPR model.
The General Data Protection Regulation (GDPR) is the European Union’s attempt to bring data protection up to date to deal with the new or previously unforeseen ways that data could be used and make sure that organisations are prepared to deal with the modern cyber security landscape.
Further Reading on GDPR
Our marketing and research partner, Ingenium-IDS in conjunction with Informatica and Entity Group recently conducted a survey into how EU GDPR (General Data Protection Regulation) will affect the public sector. The conclusions from the research have been collated into a full finding report, ‘GDPR: Obligation vs Opportunity?’ available for download here.
How Cyber Essentials Can Help
The first step to keeping your organisation safe from cyber-attack is to be certified with Cyber Essentials. Certification to the Government’s Cyber Essentials Scheme is a mandatory requirement for organisations wishing to win business with the MOD, and can help your organisation prepare and defend itself against malicious cyber-attacks, regardless of the sector you operate in.