This is the talk page for discussing improvements to the Yahoo! data breaches article. This is not a forum for general discussion of the article's subject.
Yahoo! data breaches has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it. Review: May 29, 2024. (Reviewed version).
Yahoo! data breaches was nominated as an Engineering and technology good article, but it did not meet the good article criteria at the time (March 31, 2024, reviewed version). There are suggestions on the review page for improving the article. If you can improve it, please do; it may then be renominated.
A news item involving Yahoo! data breaches was featured on Wikipedia's Main Page in the In the news section on 23 September 2016.
This article is rated GA-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:
I just wanted to post a quick note of appreciation to the many editors who contributed to this article. Thanks to everyone's efforts it was linked on the Main Page (in WP:ITN) barely a day after creation. Well done. - Ad Orientem ( talk) 20:10, 24 September 2016 (UTC)
I think the last paragraph of the Events section, about other actors having access to Yahoo's data (meaning PRISM and MUSCULAR programs) is quite misleading as these are a different kind of data breaches. Maybe we could move this to the article's ending in the "See also" section? Javier Jelovcan ( talk) 12:56, 28 September 2016 (UTC)
Just want to agree with Javier that these breaches seem quite separate. As a casual reader, it felt like the article was trying to make a political point. The government breaches probably don't belong in this article. People reading this article are interested in the specific breaches cited in the news recently, not in "every time that Yahoo user data has been compromised". — Preceding unsigned comment added by 2600:1017:B425:8ED4:5D1E:F33C:6EC9:9CCF ( talk) 16:44, 2 October 2016 (UTC)
While the article is named Yahoo! data breach it seems that 2 separate breaches were publicized more or less at the same time:
Not sure if those 2 breaches are in any way related (e.g. by motivation, by attacker, by method used in the breach etc.). I'm also not sure whether or not Yahoo has confirmed this breach to date. Maybe they try to damage control by only confirming the larger breach and trying to only imply that the previous breach occurred as well without explicitly confirming it?
So what should be done here?
Should the article be renamed to sth like "Yahoo! data breaches" or "2014 and 2012 Yahoo! data breaches" or "Yahoo! data breaches revealed in 2016"...?
Or should there be a new article for the 2012 breach? (And if so: what about the other social media accounts "Peace_of_mind" is selling? It looks like those sites were breached as well.)
Or nothing at all?
-- Fixuture ( talk) 17:26, 30 September 2016 (UTC)
There are a number of open questions I'd like to know the answers to if anybody has them (or can help find the answers to; Yahoo should have provided them already or clearer):
Note that these open questions may also be included in the article if they were/are not answered.
-- Fixuture ( talk) 18:06, 30 September 2016 (UTC)
There are reports of some 1 billion odd accounts (New York Times, Wall Street Journal, TechnoBuffalo, and more). This appears to be a different breach than the one the article currently covers. We could either incorporate this into the current article and rename it "Yahoo! data breaches" or move the current article to "2014 Yahoo! data breach" and create a new article 2013 Yahoo! data breach. However, as mentioned above, the current article also covers a 2012 data breach. I guess if this keeps up we'll see a data breach from Yahoo! every year. Falling Gravity 02:41, 15 December 2016 (UTC)
A few days ago User:FallingGravity removed the "2012 breach" section, saying that it's about the 2012 LinkedIn hack.
While that's correct the section also contained information on the breach that apparently occurred in 2012. As of right now the "July 2016 discovery" section contains parts of that now-removed section. However there is no section "2012 breach" despite there apparently being a third breach and it's missing much info that was previously found in the removed section such as the motivation of the hackers and the use of the data.
Should parts of it be restored? If so how (should the section be renamed, left as it is or a new section get added)?
-- Fixuture ( talk) 18:15, 2 January 2017 (UTC)
There does not appear to be even the most basic information posted related to this. Breach could mean anything, obviously it's implied credentials to the accounts were gained, but then what was done?
I assume passwords and contact information was downloaded for every account. What about individual emails, did the hackers download every email?
Did they download location information?
Contact Lists?
Calendar Appointments?
Where is the information — Preceding unsigned comment added by 108.29.37.45 ( talk) 18:27, 8 February 2020 (UTC)
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Nominator: Joereddington ( talk · contribs) 05:53, 27 March 2024 (UTC)
Reviewer: Sohom Datta ( talk · contribs) 06:52, 31 March 2024 (UTC)
Another security article in GA finally! I'll take this on tmrw, feel free to ping liberally in case I forget. Sohom ( talk) 06:52, 31 March 2024 (UTC)
Giving this an initial read, this is unfortunately going to have to be a quick fail since as it currently stands the article is a pretty long way from meeting the official good article guidelines. Particularly,
I think most of these issues can be solved by rewriting the article with some help from WP:GOCE. The sourcing behind the article is strong, and I definitely think a GA is within reason. I hope to see this article back at GA once the issues mentioned are fixed. Sohom ( talk) 17:22, 31 March 2024 (UTC)
Nominator: Joereddington ( talk · contribs) 06:34, 2 April 2024 (UTC)
Reviewer: Schierbecker ( talk · contribs) 18:17, 22 April 2024 (UTC)
This article appears to still be a little ways off from GA.
"at least two others accessed user account information": connected to Belan?
"Yahoo also claimed that there was no evidence that the attackers were still in the system": Was this proven? Article suggests otherwise.
"From October 2014 to at least November 2016, Belan and at least two others accessed user account information": Using the fruits of the 2014 breach?
"The filing noted that the company believed the data breach had been conducted through a cookie-based attack": The September filing or the November filing?
"it was reported that account names and passwords for about 200 million Yahoo accounts were presented for sale on the darknet market site.": Which darknet site? Was this related to the 2014 breach? Do we know if anyone purchased them?
On hold pending improvements. Schierbecker ( talk) 18:17, 22 April 2024 (UTC)
Schierbecker ( talk) 20:57, 30 April 2024 (UTC)
"Former CEO Marissa Mayer": Should say "Former CEO Marissa Mayer, who was CEO at the time of the breach"
"His memoir, written after his release,": Try "His memoir published in YEAR".
"In a letter to Mayer, six Democratic U.S. Senators": Did she respond?
"Before trial could commence": Before the trial?
"enlisted a Canadian hacker, Karim Baratov, to break into accounts": Try "enlisted Canadian hacker Karim Baratov to break into accounts"
"In June 2016, it was reported that account names and passwords for about 200 million Yahoo accounts": Try "In June 2016 account names and passwords for about 200 million Yahoo accounts were listed for sale on the darknet market site TheRealDeal." No comma before TheRealDeal. The source says "supposed credentials". Did further investigation substantiate whether this was real? Was "Peace"'s identity ever tied to an individual (or is alleged to be an individual) named in the FBI's indictment or in other inquiries? See p. 1271 in that pdf. Here Peace seems to claim he's just a data broker and is unsure of the provenance of the material, saying it may have been from 2012. It's unclear if this alleged breach is one of the two this article deals with or a third breach.
"Baratov, the only man arrested, was extradited to the United States": when?
"In late November, Ireland's Data Protection Commissioner (DPC)": This sentence could be split up.
"Yahoo was not investigating the breach but just examining it": What's a better way of saying this? That the DPC was unsatisfied with the thoroughness of Yahoo's investigation?
"awaiting information from Yahoo on allegations that it helped the U.S. government scan users' emails,": a whopper of an accusation (also echoed by Sputnik). Was this allegation connected with either of the two breaches that this article talks about? If so, say so.
Instead, Yahoo last week posted an alert on its website asking users who were potentially affected by the breach to “promptly change their passwords,” as well as any security questions and answers used to access their accounts. [2] I'll send a screenshot if you need.
"Marissa Mayer had reportedly denied Stamos and his security team sufficient funds to implement recommended stronger security measures,": recommended by who?
"CEO Lowell McAdam said he wasn't shocked by the hack": CEO of what company? Did Verizon renegotiate the deal as a result of the disclosure, as suggested here?
"Mayer's equity compensation bonus for 2016 and 2017 was pulled.": totaling $14 million. (p. 1279) Lots of good info here.
"Yahoo eventually agreed to settle": strike unnecessary word "eventually".
"the FBI officially charged four men": strike word "officially".
"Yahoo's previous SEC filing on September 9, prior to the breach announcement": The first SEC filing was filed to fulfill a regulatory requirement for the Verizon sale? Should say so.
"Verizon only become aware of the 2014 breach just two days prior to the Yahoo's": It should be noted that Yahoo disclosed this to Verizon. (p. 1271, AU Law Review)
"After Yahoo was identified by Edward Snowden as a frequent target for state-sponsored hackers, it took the company a full year before hiring a dedicated chief information security officer, Alex Stamos": implies that Stamos was hired to shore up security as a result of the Snowden leak, which highlighted security weaknesses at Yahoo. Was that so? Also the way this was written implies that Yahoo was slow to act on the revelations and that his hiring was overdue? True?
"Neither breach was revealed publicly until September 2016.": Try "Although Yahoo was aware" and use active voice. Maybe a good place to highlight the compartmentalization at Yahoo. Also somewhere in the body of the article.
"significant implications for Verizon Communication's acquisition of Yahoo.": Should mention that the acquisition was happening contemporaneously.
"No information has been released about the method used.": Use {{as of|YEAR}} for statements likely to become dated.
"it took the company a full year": a bit argumentative. Be a little more objective.
"Marissa Mayer had reportedly denied Stamos": If I recall from the source correctly, this allegation should be attributed to Stamos, right?
"he departed the company by 2015.": does the source say why?
"Belan and at least two hackers connected to him accessed user account information": "Belan and allegedly two..." since these individuals haven't been prosecuted.
"The Federal Bureau of Investigation (FBI) confirmed": when?
"In a regulatory filing in 2017,": SEC? Mention the agency.
"all three billion user accounts": try "all three billion Yahoo accounts".
"The four men accused include Alexsey Belan, a hacker on the FBI Ten Most Wanted Fugitives list,": presumably you mean that Belan was on the FBI most-wanted list, not that there was another individual that was also on the most-wanted list.
"The FBI claimed that Karim Baratov was paid by Dokuchaev and Sushchin to use data obtained by the Yahoo breaches to breach": Is there another way to say this without repeating the word "breach". Use active voice (i.e. "D. and S. paid").
"number of respondents in the class": did you mean to write "in the class action lawsuit"? Or is this the appropriate way to write this?
"On October 28, 2016": probably don't need the exact date.
"at the request of U.S. intelligence services in a letter": refs should go after punctuation.
"They asked Yahoo to communicate all aspects of the data breach to the EU authorities,": spell out EU.
"Yahoo was not investigating the breach but just examining it": still needs work. See earlier suggestion. Schierbecker ( talk) 16:22, 22 May 2024 (UTC)
Nearly there.
"These incidents not only": editorializing a bit. Try "These incidents led to the indictment of four individuals linked to the latter breach, including the Canadian hacker Karim Baratov who received a five-year prison sentence and also prompted widespread criticism of Yahoo for their delayed response."
"As of 2024, no information has been released about the method used.": WP:FAILEDVERIFICATION. Try "As of 2017 Yahoo had been unable to determine the cause of the 2013 breach."
"Former CEO of Yahoo Marissa Mayer, who was CEO": repetitive. Try "Marissa Mayer, who was CEO of Yahoo at the time of the breach."
"believed to by the US Justice Department": extraneous word
"the plaintiffs contend": use past tense
✓ Pass Congratulations! Schierbecker ( talk) 15:21, 29 May 2024 (UTC)