Yahoo Data Breach: Industry Reaction
Fresh from its recent Verizon acquisition, Yahoo has announced that 500 million user account credentials were stolen during an attack in 2014, making it one of the biggest data breaches of all time.
The data stolen includes names, email addresses, telephone numbers, birthdays, hashed passwords and some "encrypted or unencrypted security questions and answers."
In light of the news, various industry professionals have offered their reaction and analysis.
Jacob Ginsberg, Senior Director at Echoworx:
“Unfortunately, this yet again demonstrates that “good enough” is not good enough when it comes to security. Data persists, so even if you’ve taken steps to protect that information, hackers may have the tools to negate these defences six months, one year or three years down the line.
"If you do the bare minimum now, this won’t do you any good in six months’ time. Simple hashing of passwords isn’t enough – using strong encryption and salting passwords should be prerequisites for any organisation handling account information.”