Yahoo data breach is a wake-up call for cyber risk exposures
Businesses and insurers must improve their understanding of cyber risk exposure in the wake of Yahoo admitting the data of 500 million accounts had been stolen in 2014, according to data analytics company Sciemus.
In a statement given by Yahoo, Bob Lord, chief information security officer, said: “A recent investigation by Yahoo has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor.
“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.”
Nick Beecroft, director product innovation and strategy at Sciemus, stated: “This is another reminder of the need for businesses and insurers to improve our understanding of cyber risk exposure. The challenge for insurers is to continue to develop products and underwriting approaches that can match clients’ exposure to sophisticated threats.
“In order to remain relevant, insurers will need to employ the expertise to understand cyber risk exposure and the flexibility to cover the many different forms of loss that can arise through cyber attack.”
Daniel Carr, director of cyber security at Sciemus, added: “The Yahoo breach could be a watershed moment in cyber security. Large organisations need to expect more extreme cyber events in the future and not rely on history as any kind of accurate guide to the future of cyber security.
“While the economic impact of the breach has been played down because it did not directly expose payment card information, the sheer scale of the breach is another reminder of how much data in the modern economy is concentrated on digital networks.
“Email is users’ gateway to the internet and this breach has highlighted the specific vulnerability of email. It has been known within the security and cyber world for the past one or two years that one of the cryptographic methods reportedly used by Yahoo, MD5, is weak. However, addressing such rapid changes in technology will continue to pose significant challenges and residual risk exposures for large organisations.”
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Copyright © intelligentinsurer.com 2024 | Headless Content Management with Blaze