
Yahoo Data Breach Team 4 Hanqing Zhou|Yijiang Li|Jason M Mays|Karabo Ntokwane|Qianru Yang


Presentation Transcript


  1. Yahoo Data Breach Team 4 Hanqing Zhou|Yijiang Li|Jason M Mays|Karabo Ntokwane|Qianru Yang

  2. Background
  • The Internet service company Yahoo! reported two major breaches of user account data to hackers during 2016. Both breaches are considered the largest discovered in the history of the Internet:
  • First announced breach: reported in September 2016, had occurred sometime in late 2014.
  • Second announced breach: occurred earlier, around August 2013, and was reported in December 2016.
  • Specific details of material taken include names, email addresses, telephone numbers, encrypted and unencrypted security questions and answers, dates of birth, and hashed passwords.

  3. What Happened & How
  • In July 2016, account names and passwords for about 200 million Yahoo! accounts were for sale on "TheRealDeal".
  • The seller, "Peace_of_Mind", described the data in confidential interviews with Vice and Wired. Peace had previously been connected to sales of similar private data from other hacks, including the 2012 LinkedIn hack.
  • Peace stated the data likely dated back to 2012; while some of the sample accounts were still active, they lacked the information needed to log in fully, reflecting their age.
  • Experts believe Peace is only a broker for information that hackers obtain and sell through him.
  • Yahoo! stated it was aware of the data and was evaluating it, cautioning users about the situation, but did not reset account passwords at that time.

  4. Impact on the Customers
  • Leaked customer data included names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and hashed passwords.
  • This information could help hackers break into victims' other online accounts.

  5. Impact on the Employees
  • CEO stepped down
  • Legal advisor resigned
  • Operational disruptions

  6. Impact on the Business (Reputation)
  • Loss of customer trust: 90 percent of the Twitter comments about Yahoo were negative
  • Brand devaluation
  • Germany's Federal Office for Information Security warned government and other German users to seek email and Internet solutions from companies with better security approaches
  • Examination of the breach by Ireland's Data Protection Commissioner
  • Communicating all aspects of the data breach to EU authorities
  • AT&T dropped its revenue share agreement
  • Share price went down by 5%

  7. Impact on the Business (Financial)
  • $16 million in direct costs related to the breaches, plus costs and liabilities created by lawsuits from customers and partners
  • Class-action and shareholder lawsuits
  • Yahoo! is currently facing an SEC investigation
  • Verizon's acquisition price for Yahoo was reduced by $350 million

  8. Root Causes
  • Long-term decline of Yahoo's business
  • Concentration on system performance
  • Less budget for technology upgrades
  • Insufficient security awareness within the security team
  • New security projects treated as low priority

  9. Root Causes (cont.)
  • Outdated hashing algorithm for stored data: MD5
  • The MD5 hashing algorithm is a mathematical function that converts data into a seemingly random character string.
  • MD5 is considered cryptographically broken and unsuitable for further use.
  • A short video about what MD5 is:

  10. What Controls Were Missing?
  • Lack of enforcement of encryption for security questions and answers
  • Failure to prevent cookie attacks
  • Employee security awareness training
  • Some accounts still used the MD5 algorithm
  • Delay in discovering and reporting the breach

  11. Our Recommendations
  • Full conversion from the MD5 and SHA-1 algorithms to bcrypt for certificates and passwords.
  • Reissue certificates for external Yahoo websites on a routine schedule.
  • Establish an IT audit committee.
  • Develop a crisis management plan to address future breaches.
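Slides 9 and 11 describe the weakness (unsalted, fast MD5 hashes) and the remedy (conversion to a slow, salted password hash). The following example is added here and is not part of the original slides or of any Yahoo code. It models a user store with legacy MD5 records and shows the migrate-on-login pattern that a full conversion requires, since a hash cannot be upgraded without the plaintext password. PBKDF2-HMAC-SHA256 from the standard library stands in for bcrypt (which the slide recommends and which needs a third-party package); the user names and passwords are constructed sample data.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# PBKDF2 stands in for bcrypt here: both are salted, deliberately slow password
# hashes. The iteration count is kept modest so the demo runs quickly; production
# deployments should follow current guidance and use a much higher value.
PBKDF2_ITERATIONS = 100_000
SALT_BYTES = 16
MODERN_PREFIX = "pbkdf2_sha256$"


def md5_hash(password: str) -> str:
    """Legacy scheme from slide 9: unsalted MD5. Present only to model old records.

    Two users with the same password get the same hash, so one precomputed
    table covers every account in the database."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = PBKDF2_ITERATIONS) -> str:
    """Modern scheme: per-user random salt plus a slow key derivation.

    The record is self-describing (scheme$iterations$salt$hash) so the
    parameters can be raised later without breaking existing records."""
    salt = salt if salt is not None else os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{MODERN_PREFIX}{iterations}${salt.hex()}${dk.hex()}"


def is_legacy(stored: str) -> bool:
    return not stored.startswith(MODERN_PREFIX)


def verify(password: str, stored: str) -> bool:
    """Check a password against either record format, in constant time."""
    if not is_legacy(stored):
        _, iters, salt_hex, dk_hex = stored.split("$")
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(candidate.hex(), dk_hex)
    # Legacy MD5 record: still verifiable, but only until it is migrated.
    return hmac.compare_digest(md5_hash(password), stored)


def login_and_migrate(users: Dict[str, str], username: str, password: str) -> bool:
    """Authenticate, and on success rewrite any legacy record with the modern hash.

    This is the only moment the plaintext is available, so it is the only
    moment a legacy hash can be converted."""
    stored = users.get(username)
    if stored is None or not verify(password, stored):
        return False
    if is_legacy(stored):
        users[username] = pbkdf2_hash(password)
    return True


def legacy_records_remaining(users: Dict[str, str]) -> int:
    """Progress metric for the conversion: how many accounts still hold MD5 hashes."""
    return sum(1 for v in users.values() if is_legacy(v))


# Constructed sample store: two accounts still on MD5, one already converted.
SAMPLE_USERS: Dict[str, str] = {
    "alice": md5_hash("Summer2013"),
    "bob": md5_hash("Summer2013"),      # same password as alice: identical MD5 hash
    "carol": pbkdf2_hash("Summer2013"),  # same password, but salted: different record
}


if __name__ == "__main__":
    users = dict(SAMPLE_USERS)
    print("legacy records before:", legacy_records_remaining(users))
    print("alice login:", login_and_migrate(users, "alice", "Summer2013"))
    print("legacy records after:", legacy_records_remaining(users))
```

Because verification accepts both formats, the cut-over needs no password reset; dormant accounts that never log in are the ones `legacy_records_remaining` keeps counting, and those are the candidates for a forced reset once the migration window closes.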

  12. Q&A? Thank you!

  13. Works Cited
  • Goodin, Dan (September 22, 2016). "Yahoo says half a billion accounts breached by nation-sponsored hackers". Ars Technica. Retrieved December 15, 2016.
  • Castillo, Michelle (February 15, 2017). "Yahoo's new hack warning comes from a third breach, the company says". CNBC. Retrieved February 18, 2017.
  • "Why Yahoo's Security Problems Are a Story of Too Little, Too Late". Reuters. December 19, 2016. Retrieved December 19, 2016.
  • Horgan, Richard. "Yahoo Breach May Have Led to 'Credential Stuffing'". AdWeek. Retrieved March 23, 2017.
  • Szoldra, Paul. "The dark web marketplace where you can buy 200 million Yahoo accounts is under cyberattack". Business Insider. Retrieved September 22, 2016.
  • Joseph, Rebecca. "Here's what you need to know about the Yahoo hack". GlobalNews. Retrieved September 25, 2016.
  • http://www.verizon.com/about/news/verizon-acquire-yahoos-operating-business
  • https://www.usatoday.com/story/tech/news/2016/09/22/yahoo-breach-500-million-what-to-do/90849498/
