Yahoo’s admittance to an attempted hack to seize passwords to its customers’ email accounts has highlighted the need for businesses to remain vigilant with their security systems.
"This latest attempt to hack Yahoo highlights the growing responsibility of businesses to do far more to protect users’ data," said Ashish Patel, director at Stonesoft, a McAfee Group Company.
"If it is indeed the result of a third-party database compromise, Yahoo needs to have greater insight into the security systems of the third parties it is sharing data with to avoid a repeat performance and ensure it remains a trusted brand," he told CBR.
Fujitsu’s chief security officer, David Robinson, told CBR that Yahoo is not the first and will certainly not be the last company to suffer this type of data breach.
He said: "Many businesses, and consumers, are still failing to see the reality of the situation we are now facing. Companies are no longer fighting against individuals, but a sophisticated criminal industry, designed solely to access their data. This is why we describe organisations in two groups, those who have been hacked, and those who will be.
"The issue for businesses is that, thanks in part to wider awareness, consumer tolerance for data loss is at an all-time low, a point which came across heavily in recent research we undertook. It showed consumer trust had significantly reduced, with over 1 in 10 consumers suffering from a data loss and less than 10% believing that consumers are doing enough to ensure their data is protected."
Although Yahoo must heed to the outcomes of this hacking attempt, George Anderson of Webroot told CBR that consumers need to learn a lesson here too.
"Although organisations like Yahoo have a big role to play in ensuring user data is stored safely and securely, at the end of the day it’s also the responsibility of consumers to do everything they can to keep their credentials safe, he said.
"Having multiple passwords should be done where possible. They should also change their passwords on a regular basis and make sure to take advantage of any additional layers of security available such as biometrics, PIN and so on. By taking these steps, consumers should ensure their data is safe in spite of any attempted hacks."
