Yahoo’s Latest Billion Breach!

The scale of a second Yahoo data breach is massive, but although the attack took place in 2013 it is only in December 2016 that Yahoo made this public, because even they did not know about it until November 2016!

Some-time around August 2013, hackers penetrated the email system of Yahoo, one of the world's largest and oldest providers of free email services.

The attackers quietly scooped up the records of more than 1 billion users, including names, birth dates, phone numbers and passwords that were encrypted with an easily broken form of security.

The intruders also obtained the security questions and backup email addresses used to reset lost passwords valuable information for someone trying to break into other accounts owned by the same user, and particularly useful to a hacker seeking to break into government computers around the world: Several million of the backup addresses belonged to military and civilian government employees from dozens of nations, including more than 150,000 Americans.

No one knows what happened to the data during the next three years. But last August, a geographically dispersed hacking collective based in Eastern Europe quietly began offering the whole database for sale, according to Andrew Komarov, chief intelligence officer at InfoArmor, an Arizona cybersecurity firm, who monitors the dark corners of the internet inhabited by criminals, spies and spammers.

Three buyers, two known spammers and an entity that appeared more interested in espionage, paid about $US300,000 each for a complete copy of the database, he said.

The attack, which Yahoo disclosed recently, is the largest known data breach of a company. And neither Yahoo nor the public had any idea it had occurred until a month ago, when law enforcement authorities came to the company with samples of the hacked data from an undisclosed source.

Yahoo still does not know who broke into its systems in 2013, how they got in or what they did with the data, the company said. It has made more progress tracking down a separate hacking episode in 2014, which compromised 500 million email accounts and was disclosed in September. The company has said it believes the 2014 attack was sponsored by a government entity but has not identified it.

The two huge breaches revealed this fall threaten to erode consumer confidence in the company and are endangering its deal to sell its internet businesses to Verizon Communications for $US4.8 billion. Yahoo's stock plunged 6 per cent as investors worried that Verizon would abandon the purchase.

Komarov said in an interview that his company obtained a copy of the database and over the last few months alerted military and law enforcement authorities in the United States, Australia, Canada, Britain and the European Union about the breach. After those parties verified the authenticity of the stolen records, he said, some of them went to Yahoo with their concerns.

InfoArmor did not go to Yahoo directly, Komarov said, because the internet giant was dismissive of the security firm when approached by an intermediary. He also said he did not trust Yahoo to thoroughly investigate the breach since it could threaten the sale to Verizon.

Komarov worked in counterterrorism before joining Group-IB, a Moscow security firm. In 2013, he and a colleague left to form IntelCrawler, which drew attention for its work tracking the Syrian Electronic Army and the young hacker behind a large breach of the retailer Target's systems. IntelCrawler was acquired by InfoArmor in 2015.

Yahoo said that it could not verify Komarov's claims, which were made public in a Bloomberg article. "The limited InfoArmor data set provided to us by Bloomberg, based on initial analysis, could be associated with the data file provided to us by law enforcement," the company said in a statement. "That said, if InfoArmor has a report or more information, Yahoo would want to assess that before further comment."

The FBI said in a statement that it was investigating the Yahoo breach. Attorney General Eric T. Schneiderman of New York also said his office was in touch with Yahoo to examine the circumstances of the data breach.

Verizon has said that it is weighing its options, which range from demanding a price cut to walking away altogether. Yahoo may still prove attractive, given the sheer size of its user base. But a huge defection of users would drastically lessen its value to Verizon. Even if Verizon proceeds, it would very likely demand a significant price cut.

The question will be whether the telecom giant can be shielded from potential legal liability.

Security experts and former government officials warned that the real danger of the Yahoo attack was not that hackers gained access to Yahoo users' email accounts, but that they obtained the credentials to hunt down more lucrative information about their targets wherever they resided across the web.

That database of 1 billion Yahoo accounts is still for sale, although current bids are coming in at $US20,000 to $US50,000 since the data is much less valuable now that Yahoo has changed the passwords.

Washington Post:      AFR:          The Worst Hacks In 2016:

 

 

« Smartwatch Technology For Police Forces
UK Schools & Teaching Computer Science »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

Early Warning Services

Early Warning Services

Early Warning Services identity, authentication and payment solutions empower financial institutions to make confident decisions, enable payments and mitigate fraud.

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

Prosperoware

Prosperoware

Prosperoware develop software for cybersecurity, privacy, and regulatory compliance for content systems, and financial matter management.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

The Security Bulldog

The Security Bulldog

The Security Bulldog distills and assimilates open source cyber intelligence to enable security teams to understand threats more quickly, make better decisions, and accelerate detection and response.

Rezonate

Rezonate

Rezonate discovers, profiles, and protects Identities and their entire access journey to cloud infrastructure and critical SaaS applications. Preventing and stopping cyberattacks.

CyberloQ Technologies

CyberloQ Technologies

CyberloQ Secure is a cybersecurity solution that enables clients to implement highly robust Multi-Factor Authentication (MFA) that includes client-defined location-based geofencing constraints.

Boecore

Boecore

Boecore is an aerospace and defense engineering company that specializes in software solutions, systems engineering, cybersecurity, enterprise networks, and mission operations.

Data Computer Services

Data Computer Services

Data Computer Services provides professional tailored IT Support and IT Services for businesses throughout Edinburgh and the Lothians.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

Nihka Technology Group

Nihka Technology Group

Nihka offers full end-to-end ICT solutions from business optimisation, data centre modernisation, cloud connection and management, and ICT security.