The recent attack on Yahoo! highlights a fact that Binary Limited has been trying to get all business owners to be aware of – all businesses, no matter how big or small, are vulnerable to hackers. If hackers attack Yahoo! they most can certainly attack your business. The headline “Hackers Attack Yahoo!” caused brand and perceived damage that easily equals any “real” damage.
Similar to the attack on LivingSocial, no reports of serious loss has been reported. The nuisance factor will however, be annoying for many Yahoo! customers and users and there will be a lingering doubt as to the integrity of service. I know of some users who have switched over to other service providers or have created secondary email accounts “just in case”. This lack of consumer confidence in a service provider is less than ideal and puts other aspects of their service at risk of being tarred with the same brush.
The statement from Yahoo!:
At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.
Yahoo! has also published more details and useful information here.
The real question is, if hackers attack Yahoo! what do you think is stopping them from attacking your business? And more importantly, what can you do to protect your emails from hackers?
- Choose a strong password – passwords like “password” or your birthdate are not strong passwords
- Change your password from time to time – we recommend changing your password at least once every quarter
- Avoid having sequential passwords – for example, password1, password2 etc.
- Archive your emails including any attachments periodically, back up this information and store it securely
- Avoid emailing your personal financial information – password protect attachments where possible
- Delete emails that verify other accounts you may have
Obviously we recommend that you contact Binary Limited to work through specific solutions for your business.