Wednesday’s disclosure from Yahoo regarding a breach of epic scale involving one billion user accounts is having a ripple effect across the spectrum. From individuals, whose accounts have been compromised, to the potential implications for the pending acquisition by Verizon, the incident is far-reaching and historic.
While the scale of the data breach here is breathtaking, it will most likely not cause the tremendous economic impact of other large breaches such as the well-publicized Target incident. If Yahoo has closed the vulnerability that allowed the threat actors to steal user data, this global-forced password change will limit the fallout and the threat of unauthorized access to accounts.
However, one way the data will likely be leveraged in the future will be for sending targeted spear phishing emails to Yahoo account holders or spoofing the compromised addresses to obtain the “from” address to deceive someone into opening a malicious message. Further, if any metadata was breached on the account, e.g. names, other email addresses or security question answers, the threat actors could use that information to breach other accounts.
Users should immediately take steps to update their account access information and practice extreme caution for incoming malicious emails that could infect or compromise their computer. This is the case for individuals and businesses alike.
Beyond the practical aspect of email account compromise, Yahoo has a much larger issue to address. With news Thursday of significant stock price decline amid concerns that the Verizon deal could be compromised, the long-term ramifications run much deeper.
This entire incident reinforces the significance for a complete understanding of a prospective company’s IT infrastructure and its cybersecurity posture prior to engaging in an M&A. When the first incident was revealed, because of its sheer magnitude, I considered the worst to be over. Unfortunately, this doesn’t appear to be the case.
But, seems to be a systematic issue that should put M&A teams on notice. After all, Yahoo is a major enterprise with vast resources. Their victimization suggests that any company can be susceptible regardless of the size or scope of the organization
Hyper due diligence is absolutely essential to keep IT infrastructure safe for running normal businesses operations, but when an M&A is involved the stakes are even greater. If anything, this series of breaches should convince corporate decision makers and stakeholders that cybersecurity must be treated as a proactive operational expense and investments made accordingly. The current and future costs are far too great.