Hack poses challenge for struggling Yahoo

Associated Press

SAN FRANCISCO

Yahoo has been struggling for years to keep people coming back to its digital services such as email. That challenge just got more daunting after hackers stole sensitive information from at least 500 million accounts.

The startling breach disclosed Thursday is believed to be the largest to hit a single email provider. The security breakdown risks magnifying Yahoo’s preexisting problems – specifically, that it is losing users, traffic and the advertising revenue that follows both, to rivals such as Google and Facebook.

Some snarky online commentators quipped that the hack would have been far more devastating if people actually still used the company’s services. While there’s some truth to that observation, millions around the world still rely on Yahoo mail and other services, and are now potentially at risk of identity theft or worse.

And if these people give up on Yahoo as a result, the consequences for the company itself – now scheduled to become part of Verizon as soon as its $4.8 billion deal closes – also could be dire. “Yahoo may very well be facing an existential crisis,” said Corey Williams, senior director of products and marketing at the computer security firm Centrify.

Yahoo was already facing a steep decline in email traffic, despite CEO Marissa Mayer’s efforts to upgrade the service in order to foster more user loyalty. In July, 161 million people worldwide used Yahoo email on personal computers, a 30 percent decline from the same time in 2014, when the breach first occurred. That’s according to the latest data from the research firm comScore. By contrast, Google’s rival Gmail service saw desktop users rise 9 percent to nearly 429 million over the same period.

The email breach raises questions about Yahoo’s ability to maintain secure and effective services, particularly since it’s been laying off staff and trimming expenses to counter a steep drop in revenue over the past eight years.

Yahoo didn’t explain what took so long to uncover a heist that it blamed on a “state-sponsored actor” – parlance for a hacker working on behalf of a foreign government.