the German Federal Office for security in information technology (BSI) calls on global Internet service provider, for IT security incidents, where German citizens are affected, to cooperate more in the future with the BSI the BSI today communicated has . For example, systemic weaknesses should be communicated so that the BSI can perform his statutory duties as national cyber security authority. This includes German user in questions, information security awareness, to advise and to warn, also in relation to the possible consequences of missing or inadequate safety precautions on the part of the Internet service provider.
to get information about details of the attack, the exact extent of the damage and the measures taken, the BSI has contacted also in the interest of the German users with Yahoo. Succeeded attackers due to systemic weaknesses, to steal 2013 data of over 1 billion and the year 2014 of approximately 500 million Yahoo users in the year. more about 32 million user accounts was accessed over the years 2015 and 2016 without authorization.
Yahoo EMEA Ltd. in Dublin was cooperative while according to BSI little and not supported by the Federal Office for the analysis of security incidents. The company denied any information the BSI and referred instead to the Irish data protection Commissioner, without however authorize this information at the BSI. Due to the lack of cooperation no concrete information exists until today the BSI, which could be used to dealing with these incidents and incidents finally the advice and warning the user to prevent of any further similar. Nor so far of the BSI was able to convince himself, whether suitable measures to ensure of the security of its systems within the meaning of the
user of Yahoo and are adequate.
“it is unfortunate that Yahoo! has not complied with our requests to the IT security incidents affecting also citizens and citizens in Germany. We otherwise present a trusting and constructive dialogue for more security for the customers. Yahoo has obviously failed to protect themselves adequately against cyber attacks, and so protect its customer data, as you would expect from an IT company. Users should therefore closely look what services want to use them in the future and they trust their data. There are a number of providers that take seriously the security and the protection of your customer data specifically in Germany. Certifications, as we offer them for example in the area of cloud computing with the C5, are doing for customers valuable clues”BSI President Arne Schönbohm explains.
get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples. [Update: the webinar has already occurred.] Register now and look at the record.