PROVIDENCE, R.I (Legal Newsline) — Yahoo’s data breaches are a wake-up call to users that online information needs to be protected, a data privacy
“Very sophisticated companies are becoming
victims to very sophisticated cyber intrusions,” said Linn Freedman, chair of the data privacy and security team for Robinson & Cole in Providence.
“People need to understand that when they are using free
email services that their information is accessible not only to the company, but
they are putting themselves at risk whenever they are putting their personal
Earlier this year, Yahoo announced that 500
million user accounts were hacked in 2014 and 1 billion accounts were compromised in 2013.
Yahoo has not yet identified who was behind the
most recently reported incident but has said a state-sponsored hacker was
behind the 2014 attack.
Yahoo’s breach is the largest one to date and likely to cost the company, Freedman
said. Even if it successfully fends off litigation, it could take millions in attorneys fees to do so.
“If you take the 1 billion plus the 500,000 back in
September, the 1.5 billion has been reported to be the biggest data breach in
history," Freedman said. “They’ve already been sued in class action litigation for
the one in September and there is no question there will be additional
class actions cases that will be brought as a result of this one. So that is
She said the most likely course of action for Yahoo will be
to file a motion to dismiss the legal claims against them.
“The argument would be that the types of date elements that
were compromised in this case will not lead to identity theft or fraud or
actual harm by the Yahoo users,” she said. “Filing a motion to dismiss will say that the plaintiffs
do not have standing because they haven’t actually suffered harm. The fear of a
future harm is not sufficient for a cause of action. That is what we usually
see in these cases.”
Freedman also noted that among those accounts
compromised were reportedly 150,000 government accounts - “Which would include, potentially our spies and our national
security advisers, congressional aids, congressmen. That is pretty
significant [and very concerning]."
One of the other major concerns with the breach, Freedman
said, was that security questions for accounts were compromised.
"I think that is significant here because security questions
are supposed to be questions that people don’t know the answer to and can’t
just get on the web and now all of the security questions and answers of a
billion people are out there on the dark web," she said.
Cyber-security officials found data being sold on
the dark web for $300,000 for each piece of information before the breach was
made public, CNN reported. Freedman recommends anyone with a Yahoo account should change
their passwords and their security questions.
"The type of information here, when aggregated with other
information that is out there on the dark web, has the potential to provide a
lot more information about individuals," she said. "People really need to take measures to
protect themselves here.”
Freedman’s tips for online users include:
the amount of information you are putting online;
different passwords and different phrases across platforms;
careful about the apps you use; and
“All of these things are good cyber hygiene for
individuals,” she said. “You might not be able to protect 100 percent of your
privacy but you can certainly protect yourself from being victimized.”