Yahoo! Data Breach Class Action Lawsuit

Filed under Legal by on 2012/08/07 at 11:10 pm {no comments}

Yahoo! Data Breach Class Action Lawsuit

The Yahoo! Data Breach Class Action Lawsuit was because more than 400,000 users had their usernames and passwords exposed. The victim, Jeff Allan got  a fraud alert from his eBay Account. He used the same credentials for his eBay account as his Yahoo! account. He said the company did not protect his personal information. So Jeff Allan filed the lawsuit saying that the company owed him and other users and needs to pay the victims.

So what actually happened that brought about the Yahoo! Data Breach Class Action Lawsuit? Apparently in July D33Ds Company leaked more than 400,000 usernames and password of those with accounts with the company. However the company said that of the usernames and accounts stolen, less than 5% were valid passwords.  D33Ds Company of course said that they were responsible for the hack and said that there were a lot of security holes that can found on the webservers of the company.

Yahoo! provides Internet based services to millions of users monthly. Yet the company did nothing to protect its users from hackers and cyber attacks. As a result the Eastern European hackers decided to expose the company for its non-existent security measures. The company actually bought Associated Content in 2010. The independent publishers who had Associated Content accounts had their accounts transferred over to Yahoo! when the company acquired it.  Then in November 2010, the company launched the Yahoo! Contributor Network. This was supposed to be better than Associated Content. This platform would allow for more than 450,000 writers to write content  for other of its media sources such as Yahoo! News, Yahoo! Finance and Yahoo! Sports. Another thing that the company created in December 2011 was Yahoo! Voices. This is a digital library for content – especially content written by those who had previously had the Associated Content accounts. Those who wrote here would be be able to earn income when the company published their content and were considered a part of the Yahoo! Contributor Network.

The hackers who attacked on July 11 used SQL injection attack. What this does is insert malicious commands in the normal command streams between a website and the database software. So if there is no filter between the two, it can be easy to grab personal information from the database. So the attacker actually provides commands and asks for users’ login credentials.  If the company had encrypted its data, this would not have happened. This is especially serious because a lot of people usually use the same login credentials for different accounts and website. So there is a potential for real harm here.

There have been many cases where other companies have also been attacked. The latest that I can remember is LinkedIn. LinkedIn also did not protect its users from data breach. Maybe that is why the hackers were able to hack in so easily. I do not know why other companies do not learn from the attacks. Maybe they think that they are invincible or that the information that they have on their users are not important. However when you think about this, this is very serious.

You can be exposed to identity theft and your good credit can be destroyed for a long time. It is very difficult to get anything these days if you have bad credit. I have know that some of my friends who have had their identities stolen have spent years to fix the damage done to their credits without much success. It is heartbreaking that someone could do that to innocent hardworking people. They could not buy a house. They could not even buy a new car.

I cannot imagine losing all that through no fault of your own. So if you do have a Yahoo! account, make sure that you change the login information immediately. Also make sure that you change the login information for other accounts where you have used the same username and password. I know that I use the same username and password for many accounts. Many people do the same as nobody can remember a ton of usernames and passwords. I have tried to change to different ones but it became problematic fast because I could not remember any of them and finally gave up and went back to my original login information. So please be very careful if you do that.

The best of the web is brought to you by Hubsly.com.