Data Breach

pdf

School

University of Cincinnati, Main Campus *

*We aren’t endorsed by this school

Course

4076

Subject

Information Systems

Date

Feb 20, 2024

Type

pdf

Pages

7

Uploaded by SuperLeopard4063

Report
Instructions Build an attack case study report using this template. If you need help, refer to the instructional video. There are five content slides plus a title slide in this template. You can receive up to 20 points for each content slide. You need 80 points to pass this assignment. For your best chance of success, pick an attack or breach with enough information and data so that you will be able to report the required information. Replace the red text on each slide with your information and change the text color to black or white, depending on the background. You can change the font size, if needed. When your report is complete, delete this slide and save your file as a PDF to submit for review.
© Copyright IBM Corp. 2023 Yahoo Data Breach 2017 Cyber-attack Yahoo users
Cyber-attack: Unauthorized access and theft of user data 1. The Yahoo Data Breach 2017 is categorized as a cyber- attack involving unauthorized access and theft of user data. In this case, hackers gained access to Yahoo's systems and stole sensitive information belonging to billions of Yahoo users. The attack was a result of a sophisticated and targeted cyber-espionage operation.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Company Description and Breach Summary Yahoo is a multinational technology company known for its internet-based services, including email, search engine, and news. In 2017, Yahoo revealed that it had suffered two major data breaches. The first breach occurred in 2013 and affected approximately 1 billion user accounts, while the second breach took place in 2014 and compromised around 500 million accounts. The stolen data included names, email addresses, phone numbers, dates of birth, hashed passwords, and security questions and answers.
Timeline 5 2 3 4 1 6 Event 1 2013: Yahoo suffers a major data breach compromising 1 billion user accounts. Event 2 2014: Another data breach occurs, affecting 500 million user accounts. Event 3 September 2016: Yahoo becomes aware of the breaches during an internal investigation. Event 4 December 2016: Yahoo discloses the 2013 breach publicly, revealing its severity. Event 5 September 2017: Yahoo revises the number of affected accounts in the 2013 breach to 3 billion, essentially encompassing all Yahoo accounts at the time. Event 6 1.October 2017: Yahoo announces that the 2014 breach was likely separate and unrelated to the 2013 breach.
Vulnerabilities Vulnerability 1 Vulnerability 4 Vulnerability 2 Vulnerability 3 In this box, provide an overall vulnerability summary. Then provide a summary of 4 specific vulnerabilities for your case in the boxes below. Outdated security measures: Yahoo had not implemented sufficient security protocols and failed to update their systems, leaving them vulnerable to exploitation. Weak encryption: The use of weak encryption algorithms and inadequate password hashing methods made it easier for hackers to decipher stolen passwords. Insider threat: The breaches were facilitated by a state-sponsored hacker group, which implies the possibility of insider involvement or collusion. Lack of incident response: Yahoo's response to the breaches was slow and ineffective, delaying the detection and containment of the attacks.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Costs and Prevention Costs Prevention Financial costs: The breaches impacted Yahoo's acquisition deal with Verizon, leading to a decrease in the purchase price by $350 million. Legal settlements: Yahoo faced numerous class-action lawsuits and agreed to pay a settlement of $117.5 million to affected users. Reputational damage: The breaches undermined user trust in Yahoo's security practices and had a lasting negative impact on the company's reputation. Implement robust security measures: Regularly update and patch systems, use strong encryption algorithms, and adopt multi-factor authentication. Conduct regular security audits and assessments: Identify vulnerabilities and weaknesses proactively to prevent breaches. Enhance incident response capabilities: Develop and implement an effective incident response plan to detect, contain, and mitigate breaches promptly.

Related Documents

MRD-Template-with names.docx
Project 1 WindowsUpgradePlanTemplate.docx
Topic 6 CAT.docx
cwollenzien_strategicplan_01282024.docx
Exam_1_ID_1052003.pdf
Secure Network Architecture Lab Report.docx
Lab 5 - Windows Registry_2023.pdf
Final project part 4.docx
Capstone _6-1.docx
Info 5000 assignment 2.docx
Unit 6 Discussion How Advanced Technology has benefitied the RCM.docx
Question.docx