Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
behind the attack. In my opinion the type of perpetrator was most likely a hacker because
this perpetrator seemed to test the limits of the system and gain information. This happens
often but the risk level is minimal.
What could have prevented it?
Security was not a top priority for Yahoo before these two incidents and it clearly
should have been their very top priority. Having such big databases with tons of
information makes these companies more susceptible. Yahoo may still have a vulnerable
spot that needs to be changed for security breaches to be prevented in the future.
What steps did the responsible parties take afterwards?
Since the breach was not announced until years after the occurrence yahoo was
slow to adopt aggressive security measures (Goel and Perlroth, 2016). Yahoo did advise
all users to change their passwords and passwords of accounts tied to their yahoo
account. They also began working with top security executives to enhance their security.
Security Breach Two: National Childbirth Trust
Who was affected and what happened?
The National Childbirth Trust (NCT) revealed that they had a data breach that
compromised 15,000 new and expectant parents information. It was assured that their
sensitive and financial information was not accessed.
How was it done? Could it have been prevented?
It is unknown how the hack happened. It is known that healthcare organizations
are at increased threats for cyber attacks because they may access sensitive information
that can be sold in the underground markets. The type of perpetrator was most likely a
hacker or cracker because the resources were limited and no financial information was
stolen. Since it is still unknown how the hack happened, NCT has no prevention policy
published. Though we can assume that a higher amount of security knowledge in the
company and having more security technology in place would have prevented a breach
like this.
What steps did the responsible parties take afterwards?
The hack was reported to the policy and the UKs data watchdog. The letter sent
to the affected parties advised them to change their passwords as soon as possible for
precautionary measures. No big company change within the security department was
reported in the article.
Conclusion
In conclusion, both big and small hacks are huge deals because they compromise
the security of people who had given the company information that they trusted would
not be seen by unauthorized people. Luckily, as seen above, there seem to have been only
minimal consequences in relation to these two data breaches.
5
References
Goel, V., & Perlroth, N. (2016, December 14). Yahoo Says 1 Billion User Accounts
Were Hacked. Retrieved December 28, 2016, from
http://www.nytimes.com/2016/12/14/technology/yahoo-hack.html
MacGregor, A. (2016, April 8). Childbirth charity hack leaks 15, 000 expectant parents
data. Retrieved December 29, 2016, from
https://thestack.com/security/2016/04/08/childbirth-charity-hack-leaks-15000expectant-parents-data/
Rouse, M. (2010). What is data breach? - Definition from WhatIs.com. Retrieved
December 29, 2016, from http://searchsecurity.techtarget.com/definition/databreach