Companies
22/09/2016

Recode says Info About Massive Data Breach to be Provided by Yahoo




Technology news site Recode reported on Thursday, citing unnamed sources familiar with Yahoo’s plans that the tech company this week will disclose a data breach that compromised the details of several hundred million users.
 
Yahoo plans to sell its email service and other core internet properties to Verizon Communications Inc for $4.8 billion and it was not clear how such a disclosure might affect the plan.
 
Representatives at Yahoo and Verizon could not be reached for comment.
 
Linn Freedman, a privacy attorney with Robinson & Cole LLP said that if a breach is confirmed, Yahoo would likely force users to change their passwords.
 
But if the scope of the breach is limited to what has been described in press reports, Yahoo would likely not need to notify individuals affected via mail or provide them with credit monitoring services.
 
"If no financial information or Social Security numbers are involved, then most state laws would not require notification and credit monitoring would not be applicable," Freedman said.
 
A cyber criminal known as Peace was selling the data of about 200 million Yahoo users, but did not confirm its authenticity, technology news site, Motherboard had reported on August 1 without confirming its authenticity, and Recode's report follows that revelation.
 
A week after Verizon announced its deal with Yahoo, the Motherboard report was published.
 
According to Motherboard, Peace was selling that data for 3 bitcoin, or around $1,860. Motherboard said that user names, birth dates, some backup email addresses and scrambled passwords were the personal details that were possibly compromised.
 
All Yahoo users should assume their credentials were stolen and change their passwords even though a breach had not been confirmed, said Gartner analyst Avivah Litan.
 
Since consumers often reuse passwords hence stolen passwords are valuable to cyber criminals, she said. Litan said that the so-called "credential stuffing" attacks have surged over the past 18 months and criminals use stolen credentials for these attacks. In such attacks, criminals log into personal accounts on sites such as banks, travel firms and online gaming firms by using automated programs to cycle through stolen user IDs and passwords.
 
She said that consumers stand to lose money, credit card data, frequent flyer points and cash stored on merchant wallets even though the average success rate is only 1 to 2 percent.
 
Meanwhile Allo, a messaging app that incorporates Google's search feature and a chatbot that uses machine learning to "improve" itself over time, was launched by Google-parent Alphabet Inc
 
Set to compete with Facebook Inc's WhatsApp and Messenger, this new messaging service was unveiled in May. A chatbot powered by Google Assistant, a virtual personal assistant like Apple Inc's Siri is featured in Allo. By typing "@google" followed by a search query, users would be able to call up the assistant in a chat after which results will be displayed in the chat itself.
 
"The more you use it, the more it improves over time," Amit Fulay, group product manager, wrote in a blog post.
 
(Source:www.reuters.com) 

Christopher J. Mitchell
In the same section