Yahoo under fire for data hack and email snooping
Hard times for Yahoo
It’s not been a good month for Yahoo. No sooner had the company announced it had suffered the biggest known data breach in history than it was forced to admit its part in a covert email monitoring activity on behalf of the US government. All of which means that it can expect to receive ‘special attention’ from EU data authorities and a possibly hefty dent in its mooted $4.8 billion sale price from Verizon.
Cybersecurity firm InfoArmor posted an analysis to its website alleging that the breach which saw ‘at least’ 500 million email accounts compromised was carried out by ‘professional blackhats’ who were hired to compromise a number of organisations, including Yahoo.
In an article for NBC News, InfoArmor Chief Intelligence Officer Andrew Komarov was reported as saying that a ‘state-sponsored actor from Eastern Europe commissioned and later paid the hacker collective $300,000 for the Yahoo data trove.’
But, just a few hours later, the Wall Street Journal ran a story in which Komarov apparently disputed his earlier assertion: ‘We don’t see any reason to say that it’s state sponsored. Their clients are state sponsored, but not the actual hackers.’ Confused yet?
More trouble in store
Although we’d all dearly like to know who actually carried out the attack, the most pressing question at the moment is how soon Yahoo knew about it. The company filed documents with the SEC at the beginning of September indicating that there had been no security breaches that would adversely impact its business.
If it turns out that the top brass at Yahoo knew it had been hacked before that filing, it could be held accountable for a deliberate failure to disclose. Worse still, if knowledge of the hack goes back even further — let’s say before Verizon agreed to buy Yahoo — the $4.8 billion deal could hang in the balance.
Snooping for the government
That said, Yahoo’s handling, or mishandling, of the hack could be small potatoes when compared with possible sanctions arising as a result of its willingness to cooperate with the US government in an extensive email snooping exercise. EU courts take a dim view of mass surveillance by US authorities on European personal data and could potentially block data transfers into the US, damaging Yahoo’s business prospects further.
Verizon may well believe that a discount off Yahoo’s buy price is in order. Analysts are suggesting that $1 billion wouldn’t be unfair, though it does amount to more than a quarter of the headline deal. Much will depend on how confidently Verizon can negotiate – and how badly Yahoo needs to sell.
Bank of Cardiff is the nation’s premier small-business direct lender. Bank of Cardiff offers direct funding to small business owners, making working capital loans, small business lines of credit, equipment financing & equipment leasing to all 50 states.