Since September 2016, Yahoo has twice revised

                                  its  data  breach  disclosure.  In  December  2016,

                                  Yahoo  disclosed  that  hackers  had  stolen  data


                                  from  1  billion  Yahoo  users  in  August  2013,  and

                                  had  also  forged  cookies  that  would  allow  an

                                  intruder  to  access  user  accounts  without


                                  supplying  a  valid  password  in  2015  and  2016.

                                  The Yahoo data breach was, in part, as bad as it

                                  was because of poor security practices. Hackers

                                  gained access to Yahoo’s network through the


                                  use  of  a  phishing  scheme.  All  it  took  was  one

                                  employee  with  network  access  clicking  on  a

                                  malicious link for a hacker to get through. Once

                                  in,  the  hackers  were  able  to  guarantee  their


                                  continued access to the network.






























                                                                                                             26