Yahoo and WannaCry - Two Recent Infamous Data Breaches

The risk of a cyberattack is said to be always imminent; wherever and whenever.

It’s often seen as a case of “when” and not “if”. In this blog, we’ll have a look at two of the most infamous data breaches – Yahoo and WannaCry – that have happened recently. We’re actually representing victims involved in the breaches outlined in this blog as well.

These are big breaches that have affected big companies.

Yahoo

The web service provider reported two data breaches in September and December 2016 that some consider as the ‘largest in the history of internet’.

The first announced data breached occurred in 2014 which reportedly affected more than half a billion Yahoo users. The cyber-attacker infiltrated the network and stole users’ personal data which included names, email addresses, telephone numbers, dates of birth, encrypted passwords and some security questions.

The first breach was believed to be a state-sponsored attack on the U.S., where Yahoo’s HQ is situated.

The second breach reportedly occurred in August 2013 and affected more than one million Yahoo users. As with the first breach, the cyberattack stemmed from the network being infiltrated, and personal information was stolen including names, telephone numbers, dates of birth, encrypted passwords, and unencrypted security questions that are used to reset a password.

According to the New York Times, Yahoo was slow to adopt cybersecurity measures as the company’s cybersecurity team and the CEO, Marissa Mayer, reportedly clashed over the ‘cost and customer inconvenience of proposed security measures’.

‘Customer inconvenience’ can’t be a legitimate excuse for not implementing strong cybersecurity.

WannaCry

The global ransomware attack unravelled on 12^th May 2017 and mainly successfully targeted computers operating old Microsoft Windows systems. Cyber-attackers reportedly encrypted the data of over 300,000 computers in more than 150 countries. In order to be released from their grasp, individuals, organisations and businesses were being forced to pay ransom payments via Bitcoin.

Among the organisations hit, the cyber-attack almost crippled the NHS at the time as many computers nationwide were infected. 16 hospitals and GP surgeries were among the health organisations hit.

The WannaCry ransomware delivered emails which tricked the recipient into opening the email to release the malware onto the system. Once opened, the malware locked and encrypted files which couldn’t be accessed until the ransom was paid ($300 to $600 (£230 to £460) per computer). This led to the NHS to run on an emergency-only basis. NHS staff were forced to reject patients and cancel appointments as they were advised to shut down computers to prevent further attacks.

Mikko Hypponen, chief research officer at cyber-security firm F-Secure, labelled this as “the biggest ransomware outbreak in history.”

Microsoft issued a patch to protect their users and provided additional detection and protection services.

If you have been affected by either breach then get in contact with the Data Leak Lawyers as we’re representing victims involved in the breaches… Call us free from a landline or mobile on 0800 634 7575 and speak to one of our data breach team on starting a claim for compensation.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.