Last week, Yahoo announced they were the victim of one of the largest data breaches ever, when in 2014 the company was hacked and 500 million users' data was stolen. What does this event teach us about data security, and what can you do to keep your data private and protected?
The Yahoo breach: What happened?
In 2014, Yahoo was hacked, with the thieves gaining access to half a billion users' data.
In 2014, Yahoo was hacked, with the thieves gaining access to half a billion users' data. This included their names, phone numbers, email addresses, birth dates, and security questions. Yahoo has reassured users that they believe unprotected passwords, credit card and bank details were not part of the information taken. With that said, the company has recommended people change their Yahoo passwords if they haven't done since 2014. Yahoo claims that the hackers were state-sponsored, which has yet to be verified.
Although cybercrime is a threat to any online entity, Yahoo's handling of the situation has faced some criticism. Jeremiah Grossman, SentinelOne's head of security strategy, points out in the Guardian that we don't know when Yahoo became aware of the breach, but that it is "an important detail in the story." While Yahoo's announcement about it has only come out last week, some of the user data appeared for sale on the dark web two months ago, which Yahoo acknowledged it was aware of. There is also the issue of the nearly two-year gap between the hack itself and Yahoo's public statement.
The announcement comes at an awkward time for Yahoo, who sold its core business to Verizon in July for US$4.8 billion. Verizon has said it was not previously aware of the hack.
What it means for us
The Yahoo breach shows how reliant we are on companies like this to look after the data we share with them. Many people give information freely to brands or businesses they trust, but even if the company itself is trustworthy, it doesn't mean they can't still be targeted by criminals.
"This truly demonstrates the vulnerability of entrusting our personal data with third parties" says Tim Gallagher, CEO and Co-Founder of SafeSwiss. "Data is precious, it's very valuable. And data is a commodity."
Many businesses sell the data their users share (WhatsApp has recently announced it will share some data about its users with its new owner Facebook, for example) but something this valuable also attracts thieves, who know there's a market for this information.
This breach demonstrates the scale of the threat to your personal data, and that even big companies can be vulnerable. So what can you do yourself to keep your data safe?
The breach shows how reliant we are on companies to look after the data we share with them.
What you can do to protect yourself
Be careful about where and how you give out your personal information online. As Gallagher puts it, "we hand out information willy-nilly to all and everyone," but just as in the real world, consider who you share details about your life with digitally, and whether they really need to know. Giving your name or email address to businesses that you sign up with is hard to avoid, but taking a moment to consider if what you're doing is sensible.
With that caution in mind, an easy step everyone could take to protect their data is encryption.
"Encryption is a mechanism that most certainly goes a very long way to protect your data, be it sensitive or non-sensitive," says Gallagher.
The SafeSwiss Secure Communications App offers a free, straightforward solution that utilises the latest military-grade elliptic curve cryptography. Encryption is a powerful tool in the defence against hacks and data breaches, and SafeSwiss is an easy option for smart phone and tablet users to increase their privacy.
Take steps to protect your personal data and try our free encryption app today.