Below is a post that I wrote in 2011, back when we thought we were in the middle of the “Year of the Data Breach.” We weren’t — not even close. Yesterday I read an article referencing the Ford Pinto and the infamous cost-benefit analysis memo that led to the jury sending “the message” to Ford so I thought of re-sharing my golden oldie.
Here is my old post: Data Breach – Who’s Gonna Get It?
Video interview: Shawn Tuma discusses what to do if you believe your Yahoo account has been compromised – WFMJ NBC News, Youngstown-Warren, Ohio
Full news article: What to do if you believe your Yahoo account has been compromise – WFMJ.com News weather sports for Youngstown-Warren Ohio
______________________
Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Privacy Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.
The Basic FactsYahoo announced that it had a data breach in late 2014 and 500 million users’ account information was stolen. The account information may include names, email addresses, telephone numbers, date of birth, passwords (most encrypted with bcrypt, but apparently not all), security questions, and security question answers.
People who have Yahoo-based services should immediately change their passwords, change their security questions and answers, not use the same password on multiple accounts, and implement dual factor authentication where available.
In its notification message, Yahoo subtly invokes the “it’s not our fault, we were the victim of a state-sponsored actor attacking us” defense. I do not blame Yahoo, it works. It uses the words “state-sponsored actor” twice in the first paragraph and twice in the fourth paragraph:
The Latest Data Breaches
