500 million Yahoo accounts were hacked: What we know so far



The fallout isn’t over.

As if going from dot-com darling to afterthought wasn’t unfortunate enough, Yahoo today confirmed data of at least 500 million user accounts were stolen from its network in 2014 in what many are describing as the “biggest cyber breach ever.”

The internet company said cyber thieves may have gotten off with personal information, such as names, email addresses, phone numbers, birthdates, security questions and answers, and encrypted passwords. Payment and bank account information, on the other hand, don’t appear to have been compromised.

Yahoo also confirmed the breach was carried out by a “state-sponsored actor” who are no longer in its network. As to whom it was referring to — your guess is as good as mine, though it wouldn’t be unreasonable to suspect hackers in China, North Korea, or Russia could be behind the theft, which is starting to sound like the plot of a Mr. Robot episode.

Yahoo says it is working closely with law enforcement and has started notifying “potentially affected users.” On its website, the company urged all its users to change their passwords and security questions and use its two-factor authentication tool to secure their accounts. We encourage you to do the same post-haste. And while you’re at it, change your Flickr and Tumblr passwords as well because Yahoo owns both services.

It remains unclear when Yahoo learned about the breach and why it has gone radio silent about it until now, but it may have something to do with its on-going merger with Verizon Communications, which has agreed to buy its internet business for $4.8 billion in cash.

Not being upfront about the attack is one thing, but millions of users opting out of Yahoo services altogether could have a drastic impact on Yahoo’s market valuation and may prompt Verizon to adjust its offer. In a statement, the U.S. carrier said it “will evaluate as the investigation continues.”

[irp posts=”3603″ name=”#TBT: RIP, Yahoo. You had a good run”]

Image credit: Insane Visions


US is calling Huawei, ZTE a national security threat

The odds aren’t in China’s favor



The U.S. Federal Communications Commission (FCC) designated Huawei and ZTE as a national security threat. This doesn’t come as a surprise since the US has been trying to sideline the two Chinese telecom equipment companies for months.

However, with the new designation comes a flood of bad news for the two companies. The action means carriers won’t be able to use money from federal subsidies to buy or maintain equipment from the two companies. While the US has actively tried to reduce its dependence on Huawei or ZTE gear, the latest announcement is an indication of escalation.

FCC Commissioner Geoffrey Starks said on Tuesday that “untrustworthy equipment” continues to remain a part of US telecom infrastructure. He asked Congress to allocate funding to replace the remaining equipment.

Three state-controlled telecom operators — China Telecom Americas, China Unicom Americas, Pacific Networks Corp, are also on the grinding block. FCC is considering termination of its authorization to operate.

Huawei is combatting issues on multiple fronts at the moment. The US has lobbied allied countries to avoid Huawei or ZTE technology. Furthermore, Huawei is barred from transacting with American counterparts like Google. Its consumer smartphone division has come to a startling halt since the phones can’t run the full capabilities of Android via Google Mobile Services.

ZTE too has been out of luck. In 2018, US President Donald Trump had said that of the two vendors, ZTE could continue trading after paying a fine of US$ 1.3 billion, and providing “high-level security guarantees.” However, the latest designation again puts the company in an impossible spot.

Continue Reading


US plans to spy on Android, but hates Huawei for allegedly doing the same

New bill plans to install backdoors on Android



The US government’s crusade against Huawei’s alleged China-backed spying is well documented. For years, the Trump administration has obsessed on the prospects of banning the Chinese company from their shores for good. Throughout the entire battle, the motivation has always been the same: Huawei can leak American state secrets to the Chinese government.

However, outside of their cybersecurity battle with Huawei, the US is dealing with an internal cybersecurity problem on its own. More and more American citizens are concerned about how the government and big corporations are using their data. Protesters are demanding more accountability from huge social media networks. Some companies have also started boycotting Facebook as an advertising platform.

Though the current conversation rallies against social media, the American government wants to wrestle for more control over the data of its citizens. Last week, the Republican government introduced a new bill — the Lawful Access to Encrypted Data (LAED) Act — that would require tech companies to provide the government unimpeded access over the data of its users.

The bill will supposedly ease the efforts of law enforcement agencies, especially in detecting any potential criminal or terrorist threats inside the US. However, it will naturally present another problem for concerned users: the American government can potentially spy on your phone. Ironically, it’s the same problem the government had with Huawei. However, the government doesn’t seem to mind the infraction as long as they have control over their own data.

Naturally, this should also concern users even outside of the US. Today, Android remains the world’s most popular operating system. If the bill comes to pass, the American operating system will have backdoors which can allow governments, national or foreign, access to any user’s data.

Also, instituting an officially sanctioned backdoor is like painting a huge target on everyone’s phones. Though operating systems can inherently have vulnerabilities, an official vulnerability is prime pickings for a malicious hacker.

Regardless, cybersecurity experts and companies are opposing the bill’s passing. At the very least, the battle against “counter-terrorism” isn’t over yet.

SEE ALSO: US wants to work with Huawei for 5G tech

Continue Reading


Advertisers are pulling their ads from Facebook

New policy changes still haven’t instilled confidence



Verizon, one of America’s telcos, is pulling its advertisements from Instagram and Facebook. The move comes amid a growing movement to boycott the social network for not doing enough to stop hate speech on its platforms. Furthermore, Unilever’s joining of the boycott put significant pressure on Facebook.

In response, Facebook CEO, Mark Zuckerberg, confirmed the company will change its policies to prohibit hate speech in its advertisements. Just a few days ago, the social network had declined to take a firm step against hate speech and political ads on its platform. In contrast, competing micro-blogging platform, Twitter, took the higher road and even labeled President Trump’s tweets.

Zuckerberg said Facebook will do more to protect immigrants, migrants, refugees, and asylum-seekers from ads that suggest they are inferior to other groups. However, the recent announcement hasn’t extinguished the fire since it’s clearly evident Facebook succumbed to pressure and has no moral ground left to stand on.

But the recent policy changes aren’t major and will have minimal impact. The platform will label but leave up posts deemed “newsworthy” that violate company policies. Users who try to share that content will get a prompt reminding them that the content they’re sharing may violate the company’s policies.

These policy changes aren’t changing the advertiser’s mood though. Not long after Zuckerberg’s announcement, Coca-Cola and Hershey said they, too, were pulling back. Facebook’s stock has already taken a hit and with elections just around the corner in the US, Facebook is sure to be in the middle of it all. According to a list compiled by activist group Sleeping Giants, more than 90 companies have publicly joined the advertising boycott.

Many Facebook employees have also publicly stated their disagreement with the company’s moderation and content policy. Jason Toff, director of product management, tweeting that he was “not proud” of the company’s position.

Continue Reading