StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Analysis of Yahoo Incident - Case Study Example

Cite this document
Summary
The paper "Analysis of Yahoo Incident " is a good example of a business case study. This essay identifies a major business incident that occurred at least two years ago and provides an analysis of the way the affected company handled the issue using various theories that have been covered in the unit…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.8% of users find it useful

Extract of sample "Analysis of Yahoo Incident"

Student Name: Tutor: Title: Management Communication Essay Course: Management Communication Essay Introduction This essay identifies a major business incident that occurred at least two years ago and provides an analysis of the way the affected company handled the issue using various theories that have been covered in the unit. This essay looked at the historic data breach that was realized at Yahoo where personal information of clients was stolen by hackers and sold them to third parties. Although the hacking had happened in 2014 it was only realized in 2016 July but the company took another two months before letting its customers know about the incident. How Yahoo handled this incident elicited mixed reactions from people and showed some laxity in the company with regard to securing client’s information. This essay reviews events leading to this breach and how the company handled the incidents through various communication channels. Discussion In July 2016 Yahoo! Inc. got a report of an anonymous hacker who claimed to have two-hundred and eighty million user account credentials for sale on black market. The initial investigation established that there was no evidence to back this claim according to people involved in the investigation (Olenick, 2016). Such claims were common. Yahoo conducted thorough investigation, piece by piece and the company came out with evidence of even a bigger breach. Earlier the following week the individual said there was adequate evidence to present to Verizon Communication Inc., which had agreed to purchase web assets for Yahoo for $4.83 billion on July 25 (Moore, 2016). The person asked for anonymity in order to discuss internal findings. Yahoo released a statement the following Thursday where it shared the news with its users as well as the entire world. It was revealed that the personal information of at least 500 million users on its accounts from 2014 exposing a broad swath of its roughly one billion users. Yahoo said that the attacker was a state-sponsored actor and the information stolen included names, phone numbers, e-mail addresses, date of births, encrypted passwords as well as encrypted security answers and questions (Thielman, 2016). Passwords were taken in a form that prevented their immediate re-use and the company believed that financial information in the possession of the company remained safe. Yahoo confirmed that a major cyber attack had happened where data from 1 billion user accounts was compromised in 2013 making it the biggest breach in history. The company disclosed the breach in September after the attack had happened in July. The company claimed that unauthorized party broker into accounts in the statement that it released within its website (Olenick, 2016). Yahoo claimed that the hacks were connected and somehow ‘state-sponsored’. Yahoo Chief Information security officer said that the hackers ‘forged cookies’ which refer to bits of code that remain the user’s browser cache in that a website will not need a login for every visit. The cookies made it possible for an intruder to gain access to the accounts of users without using a password through misidentifying anyone making use of them as the owner of the email account. The chief security officer, Bob Lord, said that the breach is closely related to theft of property code of Yahoo (Womack, Robertson & Riley, 2016). The company had suspected the breach in November when law enforcement came to the company with what a third party claimed to be user data and Lord suspected that the data included forged cookies. Brian Krebs, a Security researcher the years claimed that he had urged family and friends to stop using Yahoo mail since he had watched over the years that the company was lagging behind in blockage of spam as well as other email-related attacks. He reiterated that he still remained firm about this recommendation (Mendelsohn, 2016). After Yahoo made public the security breach in September 6 senators in the United States sent a letter to Yahoo asking the company to reveal in detail what exactly when it had learnt about the intrusion. The senators were disturbed that the comprising of user information first happened in 2014 and the company only revealed the breach in September of 2016. The six senators found the revelation that millions of Americans’ data had been comprised for a period of two years to be totally unacceptable. Yahoo was being acquired by Version for $4.8 billion but the sale has been a challenging one (Womack, Robertson & Riley, 2016). In October of 2016 a report indicated that the company had cooperated with NSA for enable scanning of emails of users for keywords on behalf of the agency. A lawyer representing Version, Craig Silliman, revealed that the September breach had definitely damaged the value of Yahoo and suggested that the damage has to be reflected in the quoted buying price. The lawyer asserted that the damage was material and looked forward to Yahoo to illustrate the full impact to them. If the impact had no any impact according to Yahoo the lawyer said they had to demonstrate so. The passwords were MD5-enrypted hence making the hackers to easily decrypt them by use of MD5 decrypter that is available online therefore making Yahoo vulnerable to hackers (Cox, 2016). Email breaches are traumatizing to users since they can reveal family and bank details together with passwords that users go ahead to share between systems or have received within their email accounts. The sharing of password has become very rampant in that databases of login information are usually used by hackers to test for password-and-email combinations on retail websites like Amazon or Wal-Mart (Thielman, 2016). Yahoo said that Bank account and payment card data were not stored within the system that is believed to be affected. Yahoo notified all users affected by the breach and asked them to change their respective passwords. Yahoo had other assets apart from the popular webmail service. Other properties included photo-sharing site Flickr, blogging platform Tumblr, and Yahoo Finance. The communication strategy was faulted by many people after the revelation of the historic data breach in 2016. Firstly, it took the company a period of two years to realize a security breach had happened. This worrying for the account users who realized that the accounts were not foolproof and third parties were accessing their personal information and selling on the dark net (Mendelsohn, 2016). However, disclosing a breach is one of the processes driven majorly by legal departments of companies which assess state laws on what should be disclosed. This is very challenging when dealing with sophisticated adversaries who can easily delete records while inside Yahoo network. The delay in the discovery as well as reporting could be termed as common but the size of the breach was enormous. It is very easy to miss initial intrusion and inability to identify a huge leak of prized assets is uncommon. The first report about the breach denied there being such an incident but only to reveal the breach after a thorough check in September. The breach was realized in July but Yahoo took another two months to let its account users to know about the incident. When a hacker going by the pseudonym Peace uploaded 200 million Yahoo credentials on the marketplace called The Real Deal for 3 Bitcoins Yahoo admitted that that they were aware of the potential leak but could not confirm the data authenticity (Khandelwal, 2016). This shows that the company was not swift enough to confirm the incident that had happened in the last two previous years. It took the company two months to reveal the breach in September when the breach had been realized in July. Delaying in communicating such crucial information adds to the worry that users have about their information on any Yahoo platform (Pearson & Nelson, 2000). The users should have notified earlier once the breach was realized in order for them to change their passwords or advised on other security measures to undertake to secure their personal information that could be used by hackers on retail websites like Amazon. In communication it is important to communicate well in order to inspire confidence in the clients. The clients should have been the first people to know about the breach before even the information leaked to the press. Yahoo took a lot of time to engage the clients but by then they had all kinds of versions of the incidents from third parties who are bound to cast aspersions about what really happened (McLean, 2005). The company did not help the clients by withholding information concerning the incidents. While Yahoo maintained that it was not a major breach, it went ahead to encourage clients to change passwords hence signifying the enormity of the problem. The primary source of the message for the clients should have been the company in order to increase their trust concerning the safety of their personal information (Pearson & Nelson, 2000). The message from Yahoo should have been directed towards the clients about the safety of their personal data. Once the company first denied about there being a breach it made the clients to doubt the competence of the machinery concerning the safety of their information. The channel of communication was poor since the company put the information on its website and some of the clients may not have seen the message first hand (Hern, 2016). It was horrifying for some of the Yahoo users to learn about the breach on other media channels. Yahoo should have made sure that clients have learnt about the breach from its sources and no any other channel. It is unfortunate that the breach was realized when the company was being bought by another company hence the issue became sensationalized in the media and other reporting channels. It is the responsibility of the company to be in charge of any communication to the clients and should not allow third parties to pollute the minds of the users by giving dramatic events that may not be necessarily true (Hern, 2016). There is a lot of interference if information channels are not controlled or carefully chosen. When a crisis happens, a company must be prepared and have someone special to act as the spokesperson who will rely the information to the media and other members of the public. Yahoo was not prepared and clients got information from multiple sources hence increasing their worry about their stolen personal information. Having a prepared communicator is important. Yahoo did not provide technical details in their report of how exactly the data was extracted hence it was not possible to credible assess the state sponsored claim (Pearson & Nelson, 2000). State-sponsored allegations are often used to point to surreptitious and sophisticated means of data exfiltration. It was not clear how the passwords were protected by the company. The data breach also brought about a strong challenge with security questions that involves users resetting their passwords through answering questions about mother’s maiden name or their first house. It emerged that Yahoo did not encrypt all security questions in their possession and some were just readable in plaintext. The communication channel used by the company was poor and it was not easy for Yahoo to persuade its users about the safety of their personal data (McLean, 2005). Putting the information on the website instead of reaching to the users personally was not wise. Conclusion This essay had discussed events surrounding the data breach that was realized at Yahoo in July 2016 when it has actually occurred two years before. The two year lapse is worrying since it was enough time for the hackers to use personal information of users to their advantage. The company only realized the incident in July 2016 but let it public two months later in September. During this historic breach Yahoo did not conduct its communication with the public and clients effectively. Despite denying the incident at first, the company later established a data breach had happened as users’ personal information stolen. This incident shows how communication is important during crisis in order to low tension and anxiety of clients and stabilize the company’s shares in the stock marker. The incident points out important procedure that companies have to follow to ensure that they communicate the desired message to clients and the market in the most effective way possible. Effective communication is very important in every circumstance. References Cox, J., August 1, 2016, Yahoo ‘Aware’ Hacker is advertising 200 Million supposed accounts on Dark Web, Motherboard, retrieved from: https://motherboard.vice.com/en_us/article/aeknw5/yahoo-supposed-data-breach-200-million-credentials-dark-web Hern, A., September 23, 2016, Yahoo faces questions after hack of half a billion accounts, The Guardian, retrieved from: https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers Khandelwal, S. August 1, 2016, Hacker selling 200 Million Yahoo Accounts on Dark Web, Hacker News, retrieved from: http://thehackernews.com/2016/08/hack-yahoo-account.html McLean, S. 2005, The basics of interpersonal communication (p.112). Boston, MA: Allyn & Bacon. Mendelsohn, T., August 3, 2016, Yahoo investigating claimed breach and data dump of 200 million users, ARS Technica UK, retrieved from: https://arstechnica.com/security/2016/08/yahoo-email-data-breach-dump/ Moore, M., August 2, 2016, Millions of Yahoo users details for Sale on Dark Web-are you at risk? EXPRESS, retrieved from: http://www.express.co.uk/life-style/science-technology/695708/yahoo-accounts-hacked-for-sale-dark-web-peace-hacker Olenick, D., 2016, Hacker ‘Peace’ purportedly selling 200 million Yahoo user credentials on dark Web, SC Media US, retrieved from: https://www.scmagazine.com/hacker-peace-purportedly-selling-200-million-yahoo-user-credentials-on-dark-web/article/529976/ Pearson, J., & Nelson, P., 2000, An introduction to human communication: Understanding and sharing (p. 133). Boston, MA: McGraw-Hill. Thielman, S. 15th Dec, 2016, Yahoo hack: 1bn accounts compromised by biggest data breach in history, The Guardian, New York. Retrieved from: https://www.theguardian.com/technology/2016/dec/14/yahoo-hack-security-of-one-billion-accounts-breached Womack, B., Robertson, J. & Riley, M. Sept. 24, 2016, Yahoo Tipped off to Hack by report of Data Dump on Dark Web, Bloomberg Technology, retrieved from: https://www.bloomberg.com/news/articles/2016-09-23/yahoo-tipped-off-to-hack-by-report-of-data-dump-on-dark-web Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Analysis of Yahoo Incident Case Study Example | Topics and Well Written Essays - 2000 words - 1, n.d.)
Analysis of Yahoo Incident Case Study Example | Topics and Well Written Essays - 2000 words - 1. https://studentshare.org/business/2087947-management-sommunisation-essay
(Analysis of Yahoo Incident Case Study Example | Topics and Well Written Essays - 2000 Words - 1)
Analysis of Yahoo Incident Case Study Example | Topics and Well Written Essays - 2000 Words - 1. https://studentshare.org/business/2087947-management-sommunisation-essay.
“Analysis of Yahoo Incident Case Study Example | Topics and Well Written Essays - 2000 Words - 1”. https://studentshare.org/business/2087947-management-sommunisation-essay.
  • Cited: 0 times

CHECK THESE SAMPLES OF Analysis of Yahoo Incident

Yahoo Case Analysis

Marissa's Initiatives for Configuring Yahoo, Remaining Challenges and analysis of Success PossibilityMarissa Mayer has initiated diversified changes in her bid to configure Yahoo!... … yahoo case analysis yahoo!... s Strategy and its Transition under the Different CEO's yahoo!... This implied attraction and retention of advertisers through yahoo case analysis yahoo!... s Strategy and its Transition under the Different CEO's yahoo!...
1 Pages (250 words) Case Study

Change of Social Habits of British Students since Their Arrival in the UK

The questionnaire mainly contains close ended questions to allow for preciseness and ease in data analysis.... … Have the social habits of overseas students changed to become move similar to the social habits of British students since their arrival in the UK?... NTRODUCTIONVisiting a new country that has totally new cultural beliefs, norms, values and practices Have the social habits of overseas students changed to become move similar to the social habits of British students since their arrival in the UK?...
6 Pages (1500 words) Assignment

A Negative Impact of the Social Media on the Student Performance

… The paper “A Negative Impact of the Social Media on the Student Performance" is a meaningful example of a research paper on sociology.... nbsp;The top management of the university strongly believes that the students spend most of their time chatting and communicating on Facebook.... The report will find out the time spend by the students on social media and the devotion to the university studies....
15 Pages (3750 words) Research Paper

Business Security System for Employee Theft Prevention

… The paper “Business Security System for Employee Theft Prevention” is a meaty variant of the research proposal on human resources.... Business organizations are faced with different challenges in the activities in order to achieve their goals and objectives.... This is because the business organization has to deal with different ethical issues that arise from the management of employees....
8 Pages (2000 words) Research Proposal

Strategic Analysis of Yahoo Inc

… The paper “Strategic analysis of yahoo Inc” is a great variant of a case study on business.... This report is about an in-depth strategic analysis of yahoo.... The paper “Strategic analysis of yahoo Inc” is a great variant of a case study on business.... This report is about an in-depth strategic analysis of yahoo.... The first one is a detailed analysis of the macro-environment in which Yahoo operates and how the current and future trends of the macro-environment factors affect the company....
10 Pages (2500 words) Case Study

Structure of the Indian IT Industry

… The paper "Structure of the Indian IT Industry" is a perfect example of a business case study.... The current economic crisis which started in the US is unique in many senses.... In no previous crisis, the countries of the world were so deeply interconnected with each other as today.... As a result, the effects of the crisis were not visible not only in the US but also in all the countries of the world....
7 Pages (1750 words) Case Study

Analysis of Critical Incident Techniques

… The paper "analysis of Critical Incident Techniques" is a great example of a marketing case study.... The paper "analysis of Critical Incident Techniques" is a great example of a marketing case study.... At the time of this incident, many emotions were running through me.... This incident wholly affected my stay at the hotel and in fact it made me contemplate how dinner will be served if that was the way employees treat customers....
8 Pages (2000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us