With yet another incremental revelation week before last that all of its three billion users had actually been hacked in August 2013, Yahoo has just outperformed itself on how not to handle a data breach. The beleaguered company had begun the data breach disclosure in 2016 with the promise that only about half a billion of its loyal users had been compromised in the breach. That number eventually grew to one billion before the full and final disclosure week before last — in an indication that most such companies might not even be aware of the full extent of the breach or never determine exactly what data was accessed.
With a breach now affecting nearly half the world, the challenges ahead for Yahoo and its fraternity are clear — restoring consumer trust in tech companies and products is critical to the continued success of the industry that drives several major economies around the world. But the real victim of Yahoo’s security breach — which included names, email addresses, phone numbers, birth dates and security questions and answers — is privacy.
The Yahoo revelation, like the Equifax case where more than 145 million Americans had their credentials stolen in a massive cybersecurity breach last month, point to a disturbing reality: In a world where personal data is the new gold, companies will go to greatly innovative lengths to acquire and do mostly nothing for its robust protection. The lessons for users around the world could never be more significant: From sensible use and storage of personal data to changing your passwords often to using separate email IDs for online transactions, nothing is too trivial in the world of cybersecurity.
Low intensity cyberwarfare is a new threat that could potentially destroy companies and individuals in a matter of minutes — and eternal vigilance combined with enforcing even more stringent security standards are the only solutions in sight.
