Yesterday, Brian Krebs published his article entitled Yahoo: One Billion More Accounts Hacked. The number of emails that criminals have access to is shocking enough, but if you dig below the surface this breach occurred over THREE YEARS AGO! There are many consumers who have multiple emails and have no idea that their yahoo account (which they may check 3 times a year) has been used as a part of a synthetic identity or account takeover scam by organized crime.
If you are an online retailer, this reinforces a fact I have been preaching for the past year: relying on an email check IS NOT ENOUGH. You must have a layered online fraud system and utilize other key data elements like name, address, phone, IP and even related persons (in certain high ticket or bill/to ship to discrepancy situations). Hundreds of thousands of these emails have already been used to commit fraud and many more are being queued up and matched with other legitimate consumer details… the crime rings are just waiting to deploy this sophisticated, crooked database to hit your site.
It’s also key to remember that utilizing a robust identity solution is key to finding and approving good transactions. If you clamp down your systems because you are aware that millions of email addresses are corrupt (but appear legit) you are potentially turning away good business. Whitepages Pro specializes in helping online merchants speed good transactions to clear and can reduce your manual review queue by up to 50%.
Though this is the largest breach in history, data hacks like this are no longer isolated, infrequent incidents. As more data moves off in-house servers and into the cloud, customer data becomes more accessible to hackers and thieves. In the next five to seven years, $9 to $21 trillion in global economic value creation depends on robust cybersecurity and, unfortunately, many companies just aren’t keeping up (as referenced by the 500% jump in compromised records between 2005 and 2014). With the volume of data increasing every year, merchants, financial institutions, and healthcare providers alike must be wary and focused on implementing secure environments that use every tool in the box – data, behavior analytics, device identification, and other, not-yet-developed technologies – to stay ahead of fraud.
NYTimes coverage of the Yahoo hack: Yahoo Says 1 Billion Accounts Were Hacked
If you believe you’ve been hacked, CNNtech covers what you should do.