![]() ![]() There has been an exodus of qualified Yahoo staff and they seem to be unable to apply best security practices. It looks like Yahoo has not learned their lessons, so new hacks can happen any time. If employees check their Yahoo account on their lunch break, do you want to expose your company network to that? My position is that all Yahoo accounts need to be considered compromised. They are sitting ducks for spam, phishing and malware attacks. government and military employees are among the victims in the latest breach. ![]() ![]() Well, that whole 1B database was sold on the dark web by a group of professional blackhats from Eastern Europe for 300K, (and is still for sale at a much lower price right now) which means that a ton of bad guys now have these credentials, but worse, they have answers to security questions like "your mother's maiden name" which do not change like passwords, and and backup email addresses that could help with resetting forgotten passwords.īloomberg reported that 150,000 U.S. Some people asked me after our Flash announcement last week: "Stu, really, these hacks happened a few years ago, closing down my whole Yahoo account, or blocking Yahoo at the firewall. Here is a Reuters article where I am quoted, which covers the most recent billion-record Yahoo hack.
0 Comments
Leave a Reply. |