There are other cost factors: Yahoo’s acquisition by Verizon saw a $350M reduction in purchase price due to a loss of 1.5 billion records.

The Windows-based malware was designed to steal personal information from infected PCs and send it via an IP address based in Poland to parties unknown.

Some attackers created malicious software downloads that would masquerade as WhatsApp Desktop applications.

Don’t forget to think of that new application you downloaded recently. How do you differentiate that from a download triggered by an attacker? In abstract terms, only a subset of statistical anomalies contains interesting security events.

The company said the management team “immediately activated” a response plan and is examining whether a breach actually took place, the extent of it and whether there is a continuing threat.

Yahoo is often in the news for wrong reseasons and on October 4th, 2017 the company announced it suffered a cyber attack in which hacker stole 3 billion user accounts in August 2013. This means each and every Yahoo user had their Yahoo email and password stolen.

Even more infuriating: Equifax waited five months to tell anyone. (The hack itself happened in the spring.) Then it bungled its response, initially forcing those affected to sign a legal document prohibiting them from joining a class-action suit, then inadvertently directing potential victims to a fake phishing site which proceeded to steal yet more information.

“Employees and associates can pose the biggest cyber security threat, whether their actions or intentional or not,” says Wray.

“Most importantly, employee security awareness is key because the security perimeter is not a defined line. It doesn’t stop at the end of the building when you walk out the door because employees can access corporate data from everywhere,” adds Martino.

A large majority (87 percent) said they expect email-related security threats to increase in the near future, particularly ransomware attacks like WannaCry and Petya, which 83 percent of respondents labeled the most concerning type of email-related threat.