News have broken out regarding another fine in the size of £250,000 for Yahoo because of a delayed data leak disclosure which happened back in 2014.
The breach has resulted in the successful theft of a total of 515,121 users, located in UK. The data breach has resulted in e-mail addresses, phone numbers, names, birth dates, passwords and encrypted as well as non-encrypted security questions to be stolen by hackers. Yahoo has responded to the incident by putting the blame to state-sponsored attacks, however has not specified any concrete country to be involved in the attacks. Two years later, they have disclosed the data breach itself.
The delayed data breach reportedly gave valuable time to the cyber-criminals to proceed doing what is for their best interest when it comes to user data, and the UK users’ whose data has been stolen have not been aware of that, during this time.
Will GDPR Save Yahoo?
James Dipple – Johnstone, the Deputy Commissioner of operations has carried out an investigation which at the time was under the Data Protection Act 1998 and the result of it is that Yahoo has “failed to prevent unauthorized access to the personal data of little more than 500 million international users. From what is known so far, exactly 515,121 accounts belonged to UK residents who Yahoo has failed to protect under the UK law. Furthermore, according to the deputy commissioner Yahoo had appropriate time to react and since they manage a lot of data, they had the means to implement protection measures as well, during that time.
But even though the ICO has presented Yahoo a solid fine, they may have been in luck, because of one thing – GDPR. When presented, the fine was limited to UK customers who have been affected, however, with (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Vencislav Krustev. Read the original post at: https://sensorstechforum.com/yahoo-receives-250000-fine-500-thousand-uk-accounts-leaked/