It’s been a terrible year for personal privacy, yet the issue remains on the backburner in the presidential race.
— Yahoo this week acknowledged the largest data breach in history, affecting more than 500 million user accounts. The company said the intrusion apparently began in 2014. Names, email addresses, telephone numbers, dates of birth and answers to “security questions” may all have been stolen.
Yahoo only disclosed this to customers after the press forced its hand. Vice’s Motherboard blog reported a month ago that a cybercriminal known as “Peace” was trying to sell 200 million Yahoo user credentials on the “dark web.” Recode reported this week that Yahoo was preparing to confess to a breach – which seems to have prompted the company to confirm the news later in the day.
This is the latest in a long string of high-profile breaches, from Target to LinkedIn.
— The political conversation about the data breaches has been almost exclusively about national security, not consumer privacy. Indeed, Yahoo blamed “state-sponsored” hackers. And most of the anger about all the hacked emails, whether the Democratic National Committee’s or Colin Powell’s, has been directed toward the Russians and/or WikiLeaks.
A site that experts have linked to Russian intelligence, the same one that posted Powell’s private correspondence, Thursday shared a copy of Michelle Obama’s passport, as well as sensitive Gmail messages from a White House contractor.
Vladimir Putin should certainly not be let off the hook for meddling in our democratic process, and bipartisan pressure keeps building on the White House to retaliate against Moscow for its skullduggery. But the Yahoo revelation underscores how relatively little outrage has been directed toward the companies which hold the data that has been breached.
— Both presidential candidates have talked about the need to improve cybersecurity, but neither wants to be too out front on this issue:
Hillary Clinton – who the director of the FBI has called “extremely careless” about her email use – does not want to draw attention to how vulnerable private accounts are to being hacked. . .
And Donald Trump has an abysmal record when it comes to safeguarding the data of his customers. Trump’s hotel chain disclosed this April that its computers had been attacked, but Eric Trump refused to say just how badly. Last year, Trump’s company admitted that hackers had installed malicious software into their payment systems – potentially collecting the credit card information of anyone who stayed at one of the GOP nominee’s hotels over more than a year.
Trump, of course, also encouraged the Russians to hack Clinton’s emails during the Democratic National Convention. And Rand Paul, who made privacy and opposition to government surveillance centerpieces of his campaign, failed to catch fire during the primaries.
With The Washington Post’s Breanne Deppisch