Breach, Data Security, Network Security, Threat Management

Search engine turns its back on Yahoo

A Dutch search engine will no longer feature Yahoo search results, following the news that the tech giant suffered a massive data breach over two years ago and more recent allegations that it may have actively cooperated with US government agencies to spy on users.

The Netherlands-based search engine, StartPage, which bills itself as ‘the world's most private search engine', said it was terminating its  relationship with Yahoo and would no longer be showing its search results. The CEO, Robert Beens said in a press release on 17 October, that considering its recent admissions, “Yahoo has made it easy to walk away”.

Yahoo was the subject of the biggest known breach of all time, in which attackers made off with the account information of 500 million users, but it was only disclosed almost two years after it had happened. The account information was filled with personally identifiable information including names, emails, telephone numbers, dates of birth, hashed passwords and security question and answers.

While Yahoo did not name any culprits, the tech giant said it believed it was the victim of ‘state-sponsored hackers'.

Yahoo's CEO knew about the breach since July 2016 at the latest, but did not tell stakeholders, regulators and importantly Verizon, which is set to acquire the company, until September.

Meanwhile, news agency Reuters reported that sources with knowledge of the situation said that the company had built custom software to search all customers' incoming email using specific search criteria supplied by US intelligence officials.

StartPage claims to be “outside the reach of US data collection mandates”. As the world's “most trusted private search engine”, it offers a free proxy service with every search.

Privacy is an important part of StartPage's ethos. Technically, Yahoo's security won't impact StartPage customers, said Beens, “as we are in between them (Yahoo) and our users, and our users' privacy doesn't depend on Yahoo's security”.

But, added Beens “we have a solid reputation as a privacy company,” and the recent revelations about Yahoo's practices “show choices were made at Yahoo not to invest in security and that they subsequently lied about  'government involvement'”.

“We can no longer be associated with a company that obviously doesn't have its security in order any more and can't be trusted with user information.” This clearly indicates, concluded Beens, “that US-based search engines can't be trusted on their word not to spy on their users, as they may be forced by US laws like the Patriot Act to engage in mass or individual surveillance and keep quiet about it because of gag orders.” Beens predicted that more companies will follow Startpage's example. 

On the business side, Yahoo felt the repercussions of its recent breach when Verizon asked for a billion dollar discount on the sale price. Yahoo did not respond to requests for comment in time for publication.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.