UK! watchdog! slaps! Yahoo! with! £250k! fine! for! 2014! data! breach! Yahoo!'s UK limb has finally been handed a £250,000 fine for the 2014 cyber attack that exposed data of half a million Brit users. Russian hackers broke into Yahoo!'s servers and slurped info on circa 500 million international account holders, including names, email addresses, phone numbers, birthdates, hashed passwords and …
Do feel valued as Ireland levied zero! What did Helen Dixon and her merry band of lite-touch regulators do instead? They did what paper-pushers do, they wrote a report! Covering up breaches, just the cost of doing business. This is what happens when Irish politicians bend-over for US Tech Giants. GDPR, bring us justice:
https://www.rte.ie/news/2018/0607/968947-yahoo-data-breach/
This post has been deleted by its author
To think: Marni Walden believed she had earned Verizon's CEO position for buying this piece of junk. This was an entity which, minus it's stake in Alibaba, had been given a negative valuation by the investment banks. Only in the topsy-turvy world of Telecom.
But...but...we need to give Telcos the right to prioritize our Internet traffic because they are so "innovative."
They seem to think they need to build up to it, that it needs to be REALLY heinous to justify it. They should be counting down FROM the maximum when deciding penalties. What companies did prior, during and after a breach, what efforts to inform were made, justifications and documentation made etc.
If Yahoo isn't a maximum breach given the number of people involved, then what the hell is ICO?
It does make you wonder what other forces was at play here.
Yes it's easy to believe that this was exec dithering and cover up, but it doesn't rule out the fact they may have been coerced by some government types from over the pond to keep quiet, while they did what they did with the Ruskies.
Not suggesting that it makes it okay and it's still us consumers that bear the brunt of it, I'm just postulating we don't know what we don't know.
The hackers were also able to forge their own authentication cookies, changing your password was pointless, although still recommended, obviously
The ICO are a shower of weak c*nts
That £250,000 will just go to ICO executives bonuses, we all know this
I lost a few novice-user customers over this... as someone who deals with consumer PC repairs, no amount of password / security resets could keep the Yahoo / BT accounts secure. BT kept saying it must be a virus on the computer, and 'the technician' (me) needed to take yet another look at the PC as it must be infected. (Nope, completely clear).
Guess who the consumer tends to believe.
And there's only so many times that you can charge a customer, or do it for 'free' before someone says enough is enough.
Get in contact with the ICO, and ask difficult questions about why this fine was so pathetically low and what happens to the money, how will it be distributed to those who were actually affected
Even if it is just £0.50 per person, make them answer those questions, make them realise that real lives are affected by this fucking BS, because I dont think the ICO understands the seriousness of this, if they did, they wouldnt have been so weak in their actions
What a small fine considering the damage.
From a risk management perspective, it's cheaper to receive a fine from the EU than it is to integrate defense-in-depth measures on your commercial systems.
GDPR is great, but it still doesn't put enough responsibility on cloud service providers or 3rd party application vendors. You know, those with the most expertise who employ the least amount of people.
It's one of those political things which sounds good, but if you send enough money to us in Brussels, we'll ensure your fine isn't damaging; and we'll put the blame on the regular joe type company which employs 80% of the population.
I still don't get why the EU is still together. Sure, it makes a boat load of money for the elite and wealthy, but the average individual gets hosed over many times. Whenever rich and powerful people are for something... the rest of us should be very scared.
They should probably also take advantage of the direct debit discount, since they'll probably be paying fines on a regular basis.
Whaddaya mean there's no direct debit discount? My gas supplier offers me a discount for immediate payment and an even bigger discount if I let them take money out of my bank by direct debit (which I refuse to do, I'd need a much healther standing balance to risk that).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
