We blogged last month about how Linkedin, eHarmony and Last.fm all failed their customers in the space of a week. We said at the time that this won’t be the last in a sorry list of customer security fails, and we didn’t have to wait long. Hackers released a file online containing a myriad of information including usernames along with unencrypted passwords of 453,000 Yahoo customers. The hackers justified their actions by claiming it was a “wake up call and not a threat”.
Yahoo has faced many problems as of late with falling revenues, boardroom and shareholder fall-outs, shake-ups and more. This is the last thing the former Internet search king needs right now.
Security experts are left asking the question as to why such a large player would store such a large amount of sensitive data unencrypted, especially given the high profile and bad publicity that such hacks bring. Some are even asking whether the management should be held criminally negligent in not storing the data in an encrypted format.
Alas, I still feel this will carry on for some time, with big players being exposed until they start to understand the seriousness of such situations, and maybe a class action case for criminal negligence against the Directors could be the wake up call that such companies need.
Have you had your password or privacy unlawfully breached? Let us know, and how it made you feel.