Build an attack case study report using this template.

If you need help, refer to the instructional video.

There are five content slides plus a title slide in this

template. You can receive up to 20 points for each
content slide. You need 80 points to pass this
assignment.

For your best chance of success, pick an attack or

Instructions breach with enough information and data so that you
will be able to report the required information.

Replace the red text on each slide with your

information and change the text color to black or
white, depending on the background. You can change
the font size, if needed.

When your report is complete, delete this slide and

save your file as a PDF to submit for review.
Case Study

Data Breach

Yahoo/Yahoo Users, Security

Community and Industry

© Copyright IBM Corp. 2023

 Data Breach
A data breach attack is a cyberattack in which unauthorized
individuals or entities gain access to sensitive or confidential
information. This can occur through various means, such as
exploiting security vulnerabilities, phishing, malware, or social
engineering. Once inside a system or network, attackers can steal,
manipulate, or leak data for malicious purposes, including identity
theft, financial fraud, or corporate espionage. Data breach attacks
can have severe consequences for individuals and organizations,
leading to financial losses, reputational damage, and legal
Attack Category: repercussions. Preventative measures like robust cybersecurity
Data Breach practices and employee training are crucial in mitigating the risks
associated with data breaches.

During the first quarter of 2023, more than six million data records
were exposed worldwide through data breaches. Since the first
quarter of 2020, the highest number of exposed data records was
detected in the fourth quarter of 2020, nearly 125 million data
sets.
 Yahoo
Yahoo is primarily known for its web portal, which offers a variety of
online services, including a search engine, email (Yahoo Mail), news,
sports, finance, and entertainment content. It has been a significant
player in the early development of the internet and played a crucial role
in popularizing the web during the late 1990s and early 2000s .

Yahoo Data Breach 2016

The data breach at Yahoo occurred in 2014 but was not publicly disclosed
Company until September 2016. Yahoo announced that data associated with at
least 500 million user accounts had been compromised. Later, in
Description and December 2016, Yahoo disclosed another breach dating back to 2013,
Breach Summary affecting over 1 billion user accounts. These two breaches collectively
make it one of the largest data breaches in history.
The stolen data included personal information such as names,
email addresses, phone numbers, birthdates, and hashed
passwords. In some cases, encrypted or unencrypted security
questions and answers were also accessed.
The breach had significant consequences for Yahoo and its users.
It eroded trust in the company's ability to protect user data and
resulted in legal and financial repercussions for Yahoo.
 Late 2014 to Early 2016 – Initial Breach
The Yahoo data breach actually occurred in two separate incidents. The first breach, which took place
1 between late 2014 and early 2016, was not publicly disclosed until September 2016. During this breach,
cybercriminals stole data associated with at least 500 million Yahoo user accounts.

July 2016 - Discovery of the Breach

Yahoo discovered evidence of the data breach during a cybersecurity investigation. The
2 company realized that a large amount of user data had been compromised, including email
addresses, passwords, and security questions.

September 2016 - Public Disclosure

Yahoo publicly disclosed the breach in September 2016,
3 acknowledging the theft of 500 million user accounts. This revelation marked one of the
largest data breaches in history at the time.
Timeline
December 2016 - Second Breach Disclosed
In December 2016, Yahoo announced another, separate data breach that had occurred in
4 2013. This breach had compromised over 1 billion user accounts, making it even larger
than the earlier breach.

Investigation and Attribution

Yahoo worked with law enforcement agencies to investigate the breaches and determine who
5 was responsible. The U.S. government later attributed the attacks to Russian hackers.

Impact and Fallout:

The data breaches had significant consequences for Yahoo, including a decline in its reputation
6 and a decrease in its acquisition price by Verizon, which had been in the process of acquiring
Yahoo's internet assets.
Vulnerabilities
Weak Password Encryption
Delayed Detection
Inadequate User Authentication
Failure to Encrypt Security Questions

Weak Password Delayed Detection Inadequate User Failure to Encrypt

Encryption Yahoo took a Authentication: Security Questions
considerable amount of Yahoo's user Yahoo did not encrypt the
Yahoo stored user
time to detect the data authentication processes security questions and
passwords using breaches, with the first and security questions answers stored on its
outdated and weak breach occurring were not robust enough servers. This allowed
encryption methods, between late 2014 and to protect user accounts. attackers to access and
such as MD5 and early 2016 but not being Attackers were able to use this information for
SHA-1, which are no publicly disclosed until use stolen security various malicious
longer considered September 2016. The questions and answers to purposes, including
delayed detection gain unauthorized access unauthorized account
secure. This made it
allowed the attackers to to accounts. access and identity theft.
easier for attackers to maintain access and
crack and access user exploit user data for an
passwords. extended period.
 Costs Prevention

• Financial Costs • Improved Security Practices

• Reputation Damage • Enhanced User Authentication

• Legal Consequences • Increased Security Awareness

• User Churn • Timely Breach Detection

Costs and
Prevention