Yahoo announced that it suffered a massive security breach in 2013, in which malicious hackers stole data from 1 billion user accounts, including those of 150,000 US government and military employees.
The hackers stole not only usernames and passwords but also birth dates, security questions, backup email addresses and phone numbers.
Andrew Komarov, the chief intelligence officer for InfoArmor, an Arizona-based cyber security firm, discovered that the details of the user credentials were sold on the Dark Web for $300,000 to three different parties.
“We found that the Yahoo dump had a very big number of users who worked for the government or military and used Yahoo for personal purposes,” Komarov said in an interview Thursday. He said hackers could easily find the secondary email used for password recovery and that would lead them to the user’s governmental – and perhaps high-security – identity. “And it wasn’t just the US users; we found a big number of government employees in the UK, Australia and Canada, too.”
While investigating the hackers known as Group E, cybercriminals based in Eastern Europe with a track record of hacking Dropbox, Tumblr and the Russia-based social network VK.com, Komarov found that they were trying to sell the stolen data for $300,000.
Komarov found that two of the buyers were huge underground spamming groups. “The third buyer was potentially a foreign intelligence organization because the questions they were asking were very specific,” Komarov said. Komarov said that the buyer reached out to Group E, produced a list of ten names of U.S. and foreign government officials and industry executives, and asked the group to confirm that their logins were included in the stolen data, or else no deal. This signalled to Komarov that the buyer must be an agency involved in foreign intelligence.
In a press release, Yahoo said, “As we previously disclosed in November, law enforcement provided us with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. We have not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016.”
The Yahoo attack is different than other hacks, Komarov said, and poses danger to more than just government employees. “The Yahoo hack makes cyber espionage extremely efficient. Personal information and contacts, email messages, objects of interest, calendars and travel plans are key elements for intelligence-gathering in the right hands. The difference of the Yahoo hack between any other hack is in that it may really destroy your privacy, and potentially have already destroyed it several years ago without your knowledge,” he added.
White House spokesman Josh Earnest said Thursday that the FBI is investigating the most recent breach.
“There was a previously reported breach that the FBI had previously indicated that they were investigating and they’re investigating this situation as well, so I’ll let them speak to what they have found over the course of that investigation thus far,” he said.
We recommend that users reset their passwords and security questions, and also change the passwords on any other sites where they used the same passwords.