In late September of 2016, Yahoo! announced a massive security breach whereby hackers stole information from around half of their one billion users. The catch? The security breach occurred in 2014.
Data from the Ponemon Institute shows that the average time it typically takes for companies to identify a breach is 191 days. It then takes, on average, 58 days to contain and resolve a breach. So how did a major email provider like Yahoo! let a security breach of this magnitude occur and consequently go unnoticed for two years? So far, there are no insights into how this happened.