In 2013 there was a breach in yahoo’s cybersecurity that would become the largest cybersecurity breach in history. The attack was to steal information from yahoo’s users such as backup emails, security questions, and passwords. Initially yahoo discovered in august of 2013 that a group infiltrated their network and stole around 1 billion users’ information. Yahoo discovered this and decided to handle the investigation of this internally to not publicly disclose the attack. Although the company did not investigate this serious cybersecurity breach properly as an outside cybersecurity organization investigated the attack found that yahoo had more than enough reason to investigate the breach further, but they ignored it. Years later, yahoo discloses that it was not just a billion users’ information compromised, but it is in fact every yahoo user. Which is around 3 billion people whose backup emails, security questions, and passwords are now in the hands of whoever committed the attack.



The next question is who committed the largest cybersecurity breach in history? The truth is that no one has been found guilty, but yahoo has made some remarks saying that they believe that it was a state-sponsored attack hinting that it may have been China or Russia. No one can really determine for sure but as for how the perpetrators committed the intrusion a state-sponsored attack is very malicious in how it can take down entire networks. Normal cyber attacks can make a lot of ‘noise’ and set off a lot of alerts leading the company to reveal that they have been attacked publicly. Although with state-sponsored attacks the idea is to make little noise and to extract as much information as possible. So, in the instance with yahoo is they discovered that someone has accessed a billion of their users’ information and they assumed that, this would be the end of it. The truth is that whoever accessed this information must have gotten into the network by placing hidden malware into their system. Once someone in yahoo unlocked the hidden malware however long it took could have given the people responsible for the attack the ability to begin attacking their network in a way that could steal a billion users’ information without raising too many alarms. One way is once someone releases the hidden malware the people attacking could have been able to gain administrative access in their network. Meaning that they had complete control over their entire network and stole a billion users’ information then left the network or so yahoo thought. Then left more hidden malware lying dormant for months or even years before it would be activated to then steal their entire networks information with every users’ passwords, backup emails, and security questions. After the initial attack of a billion users being compromised yahoo decided that they would not publicly announce the attack occurred until around a whole year later. They did not investigate their network properly after a third of their information was stolen from them, the organization still thought that it would be impossible that their entire network would be compromised. So, when it is discussed how this occurred it is partly that a very malicious and challenging state-sponsored attack attacked yahoo, but in the same vein yahoo did not investigate their network security thoroughly enough even after the largest cybersecurity breach in history which should have given them a hint that their entire network maybe compromised. It is not entirely on yahoo’s negligence that lead to this cybersecurity breach; state-sponsored attacks are incredibly difficult to defend against. The reason some countries do this is because it is very rewarding in terms of information and does not cost a lot of money to perform. These attacks are very low risk in terms of being caught the reason being that these attacks make little noise and they often mask where their signals are coming from by bouncing them around different countries. State-sponsored attacks are highly successful as most people put it if you are being attacked by a state sponsored attack the only way to prevent or to stop such a malicious attack is to have a state sponsored entity to help prevent an attack of that magnitude. Over the years these attacks are only increasing. Yahoo must have not considered itself the target of other nation states and thought that they could handle their own security clearly that was a mistake. As state-sponsored attacks increased the company should have realized that they may be the target of one; and get the security prevention, and detection that the company clearly needed before another nation state attacked them.



The aftermath of this attack should have been more devastating than what most people thought. The attack occurred at a pivotal moment when Verizon was going to buy yahoo and then the attack occurred. The first attack with 1 billion users compromised then a separate cyber-attack that occurred in 2014 that compromised 500 million users. Back four years ago people were wondering what was going to happen to this company that was once valued at $100 billion that is now going to be selling their company to Verizon for $5.16 billion during the cybersecurity breach attacks in 2013 and 2014. This clearly gave Verizon serious doubts and made it easier for them to negotiate their price of the company down. Then in summer of 2017 yahoo was sold to Verizon at a reduced price to $4.83 billion.  Then in 2017 yahoo admits publicly that their entire network is compromised and that it is possible that all 3 billion users were compromised which probably brought the price that Verizon would pay for yahoo down even further.