MENU

Yahoo Data Breach Could Have Effects That Extend Beyond Emails, Experts Warn

Close

In reference to the reported breach of Yahoo's more than 500 million user accounts, the danger that those acquired information will be used in accessing related services poses a future risk to people across the globe.

A couple of years after the incident, it is conceivable that this ripple can cause a huge wave of troubling proportions which will eventually compromise existing databases.

"It is more like global warming than it is an earthquake. It builds up gradually," says Shuman Ghosemajumder, the Chief Technology Officer of California-based Shape Security.

In early July, Motherboard journalist Joseph Cox has been receiving dossiers of inputs taken from the company system. The hacking of Yahoo accounts has come to light weeks later when a cybercriminal identified as Peace introduced a set of 5,000 record samples plus the revelation that 200 million more are in the market.

With the startling information, Cox makes his story public. However, the journalist fails to present the background of Peace. In fact, contrasting facts have been narrated. For instance, Peace's sample needs a second encryption in order to be accessed whereas Yahoo requires only one password.

In the days that followed, the darknet market, which probably dealt data to bidders, has been humming with hacking activities that left the domain impassable.

Until now, it remains uncertain who holds the stolen data considering that various suspicions abound including one that broaches a state-sponsored approach.

It is likely that this situation will linger on with Yahoo under heavy scrutiny judging from its statement that security questions had also been compromised along the way.

In the midst of Yahoo's culpability, compounding the impact of the breach is also associated with stubborn user behavior. It takes into account every person's tendency to reuse passwords. In fact, Cambridge University's Security Group projects that the recycling of encryption codes reached 49 percent.

Hacked passwords that are transacted in darknet domains usually end up in password databases. This is where the big problem arises. The codes will be used and re-used until such time that it will eventually open a cache of information. It will be a long and strenuous process but once it cracks an account or a domain, the hard work eventually pays off for the hackers and seriously undermines the privacy of the users.

According to password cracker Jeremi Gosney, it is the equivalent of trying millions of different keys on a particular door.

When LinkedIn experienced Yahoo's fate in 2012, a hundred million user accounts ends up in cyber underground dumps. One password has been eventually used on Dropbox that led to the exposure of 68 million accounts and hashed and salted passwords. In a sense, the codes are being utilized in other domains.

ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Real Time Analytics