Slashdot Mirror

← Back to Stories (view on slashdot.org)

Former Yahoo CEO Marissa Mayer Apologizes For Data Breach, Blames Russians (reuters.com)

Posted by msmash on from the seeking-forgiveness dept.

Former Yahoo chief executive officer Marissa Mayer apologized today for a pair of massive data breaches at Yahoo and blamed Russian agents on the growing number of incidents involving major U.S. companies. A reader shares a report: "As CEO, these thefts occurred during my tenure, and I want to sincerely apologize to each and every one of our users," she told the Senate Commerce Committee, testifying alongside the interim and former CEOs of Equifax and a senior Verizon Communications executive. "Unfortunately, while all our measures helped Yahoo successfully defend against the barrage of attacks by both private and state-sponsored hackers, Russian agents intruded on our systems and stole our users' data."

19 of 212 comments (clear)

  1. My product sucks so by OffTheLip · · Score: 5, Insightful

    blame Russia. I sense a pattern here.

    1. Re:My product sucks so by Mitreya · · Score: 4, Funny

      I sense a pattern here.

      Also We're sorry.
      No one takes responsibility, no one invests in better security, but they are sorry.

    2. Re:My product sucks so by Thud457 · · Score: 4, Funny

      They're in our Thoughts and Prayers.

      It's the least we can do.

      --

      the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  2. It's becomming a fad these days .... by Jerry · · Score: 5, Insightful

    losers blaming Russians for their own incompetency.

    --

    Running with Linux for over 20 years!

  3. RUSSIA by amiga3D · · Score: 5, Insightful

    It's always a good idea to blame other's for your incompetence. If it wasn't the RUSSIANS it'd be the CHINESE or the INDIANS or some other nation. Cyberspace is like the wild west. Strap on a six shooter and defend yourself.

    1. Re:RUSSIA by bluefoxlucid · · Score: 5, Insightful

      That's the thing: as a project manager, I look at things we would do differently next time. Factors outside our control are explanations, but not excuses.

      It's kind of annoying that, as a Democrat aligned with the Democratic party philosophies, I have to keep pointing out that Hillary wrote a whole god damned book about why she lost the 2016 election--and blamed everyone else. H.R. McMaster had written a book called "Derelection of Duty" for which he was criticized in reviews because he didn't address the superior strategy and military power of the Vietcong; yet he did exactly what he should have done: he addressed everything the American administration did wrong, because we can't expect the Vietcong to play along nicely in the war.

      Yes, the Russians are coming to hack you. Yes, that's going to cause an uptick in incidents, regardless of what you do. Now harden up and figure out how you're going to keep this shit to a minimum, because that's your job, and it's the only thing you have control over.

      --
      Support my political activism on Patreon.
    2. Re:RUSSIA by ctilsie242 · · Score: 4, Interesting

      A car example of this would be someone who leaves their keys in an unlocked vehicle. First, someone from Lower Elbonia steals the car. Then, someone from Latveria. Then, someone from Cobra Island, and then someone from the Greater East Asia Co-Prosperity Sphere. Yes, one can blame these countries, but there is also the issue that anyone from anywhere could see the car keys and want to go for a ride.

      There comes a point where, yes, a theft is a theft, but there needs to be some culpability in failing to secure things. At least Europe is taking steps to break the "security has no ROI" cycle with the GDPR. It is not perfect, but losing 4% of total earnings is a pretty big incentive to actually spend some on basic security design [1]. Security isn't rocket science. Good security practices have been around since the Cold War era, and OPSEC practices have been around since people started trying to kill each other in groups.

      Good security can be done. It is just bothering to spend the resources to do so.

      [1]: For example, it isn't hard to secure a database. I've seen a startup use transparent encryption through a HSM to ensure that an intruder isn't going to be able to dump the DB and make off with the goodies. If those guys could do it, a well-heeled company can easily implement this, plus many other defense in depth measures. To secure AD, it isn't hard to set up policies requiring 20+ characters for service accounts, and a short (3-5 minutes) lockout period for user accounts, coupled with a real time monitoring system to catch brute force attempts.

  4. Canada by tsa · · Score: 5, Funny

    What happend to good old Blame Canada?

    --

    -- Cheers!

    1. Re:Canada by Mashiki · · Score: 5, Insightful

      It was replaced. First by 4chan, then gamergate, and now Russia. Blaming someone else is the typical cop-out by people who refuse to take responsibility for their actions(or in-action).

      --
      Om, nomnomnom...
  5. Back in 1984 by cloud.pt · · Score: 5, Insightful

    I love how every single US problem these days is insta-mitigated with "blame the russians".

    1. Re:Back in 1984 by thinkwaitfast · · Score: 4, Informative

      I don't even recall this happening during the cold war.

  6. Hey Marissa by 93+Escort+Wagon · · Score: 5, Insightful

    If you really felt you were at fault, you'd give all those millions of dollars back.

    But it's quite obvious what's she's saying is "sorry not sorry" - "I was CEO, so of course the buck stopped with me... but I wasn't actually culpable in any way".

    --
    #DeleteChrome
  7. US needs legal liability by EndlessNameless · · Score: 5, Interesting

    Good luck if you want to hold anyone accountable for any of this. Maybe you have the time and money to slug it out in the courts. Or years to wait for a verdict.

    We have some experience with addressing this. Companies can get slapped pretty hard for violating HIPAA---either for improper disclosure or poor security. However the law was written, it is effective in making them think about security properly. A law by itself doesn't guarantee good conduct across the board, but it certainly helps when there are consequences.

    If any congressman wants to extend HIPAA-level security requirements to any system that handles the personal information of American citizens, he gets my vote automatically. We should have done it 20 years ago. Better late than never.

    Unless there are new rules and new consequences, nothing will change. Wallets and ballots, people.

    --

    ---
    According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  8. Re:Should have colluded with Russia like Trump by Anonymous Coward · · Score: 5, Insightful

    Wouldn't it be better if Yahoo just colluded with Russia's attack on its users like Trump colludes with Russia's attacks on America while denying that Russia is responsible for the crimes that he colludes with?

    You obviously missed the fact that the Russian lawyer supposedly colluding with Trump met with the same group Hillary! hired to create that fake Trump dossier.

    Yep, that same Russian lawyer met with Fusion GPS right before and right after Don Jr. said, "WTF?!?!" to her when she tried to entrap him.

    Who's colluding with Russia?

    "Follow the money"

    Democrats paid Fusion GPS. Fusion GPS created that fake Trump dossier. Fusion GPS met with the Russian lawyer who tried to meet with Trump.

  9. Why spend money on security.. by sqorbit · · Score: 5, Insightful

    ...when it's way easier just to blame Russia. Lots of American's will jump on board with this. Russian hacking is the bad guy, we're the good guys. Now we can all just ignore that fact that US corporations are constantly targets because of horrible security policies and crappy management.

    --
    Sent from my TARDIS
  10. Indeed by nospam007 · · Score: 5, Funny

    " I want to sincerely apologize to each and every one of our users,"

    Both of them.

  11. Heard in class yesterday by DontBeAMoran · · Score: 5, Funny

    Teacher: Where's your homework, Timmy?
    Timmy: The Russians stole it!

    --
    #DeleteFacebook
  12. "The Russians Pooped In The Hall!" by Archtech · · Score: 4, Funny

    https://uploads.disquscdn.com/...

    --
    I am sure that there are many other solipsists out there.
  13. Nice try Marissa by erp_consultant · · Score: 4, Insightful

    The dog ate my homework. Let's just blame everything on "the Russians". Well, that narrows it down to a few hundred million people. Let's not bother to actually try and find out which "Russian" may have perpetrated this act. No let's just leave it at that and call it a day. Great way to deflect attention from the fact that this massive breech occurred ON YOUR WATCH.

    Well, at least you managed to get all those people working from home back into the office. Because if they are working from home they can't possibly keep an eye on those pesky "Russians". Except that..oh...it happened anyway. So I guess that one kinda backfired. At least you can point to your tremendous success in every portfolio you touched during your tenure as CEO...crickets....

    She did "sincerely apologize" so I guess that counts for something. Except she did it after making away with hundreds of millions of dollars in salary and stock so it rings exceedingly hollow to me. And laying off thousands of workers. And driving a stake through the heart of a once proud internet pioneer. But hey, Marissa took care of Marissa and that's all that really matters. Right?

    Cunt. Karma is going to have a field day when it catches up to you.