Yahoo hack: what clients need to know
Last week, Yahoo! Inc announced their second major security breach of the year as more than 1 billion user accounts were compromised.
Whilst the data contained names and email address rather than more sensitive information, the hack has hit Yahoo! at a terrible time, with their merger with media giant Verizon still pending.
Shares of the firm dropped almost 3% on the back of the news that an apparent state sponsored hacker hit the web giant, Bloomberg reported.
The news of the hack will help spur the development of cyber insurance both in Australia and around the world as people and businesses realise that no business is safe from cyber attack.
Meena Wahi, a cyber insurance specialist and director of Cyber Data-Risk Managers, said that the Yahoo hack could have several implications on the cyber insurance market. Reputational damage to Yahoo and any implications of the deal with Verizon could test the limits of cyber payouts.
Wahi said that, for brokers and their clients, it is important to use the Yahoo hack as an example of the importance that insurance plays and how to react in the event of a breach.
“I would tell clients to disclose as soon as possible and immediately hire a PR company, which cyber insurance usually provides,” Wahi told Insurance Business.
“Smaller business, if they can’t operate for a few days and don’t have insurance, they must take into account that cyber incidents may not be covered by any other type of insurance. If they go offline and their systems can’t function then how are they going to claim the loss of business profit, business revenue?”
Wahi noted that even though Australia does not yet have mandatory breach notification laws, disclosure is still mandated under the Privacy Act and if businesses take too long to disclose in the event of an attack, the laws may become more stringent.
With the headline grabbing news of 1 billion users impacted, it is easy to forget some of the issues tangentially linked to cyber insurance, which could also have a major impact on clients.
“Reputation, privacy and trust are the issues getting lost in terms of the big news around 1 billion records getting hacked,” Wahi continued.
The example of Yahoo shows that any business can be a target and indeed fall foul of an online attack. Businesses that ignore the increasing impact of cyber risk will do so at their own peril.