
Yahoo Confirms the Biggest Data Breach in History

Posted: September 29, 2016

The Internet Giant Says That More Than 500 Million of Its Users Are Affected

It all started in August, when security researchers stumbled upon an advert from a hacker nicknamed Peace_of_Mind offering sensitive information on a large number of Yahoo accounts on the TheRealDeal Dark Web market. He wanted 3 bitcoins (about $1,800 at the current rate) for a data dump that, in his own words, contained the names, usernames, MD5-hashed passwords, and dates of birth of around 200 million Yahoo users. According to the ad, the data was stolen in 2012.

Peace_of_Mind is well known in Dark Web circles, and his name has been linked to the sale of data stolen in the LinkedIn, Tumblr, and MySpace hacks, among others, which is why security researchers took the ad seriously. They obtained a sample of the stolen information and found that, while some of the records concern inactive and deleted accounts, Peace_of_Mind's dump contains plenty of genuine usernames and passwords. In the meantime, Yahoo said that its security professionals were investigating the matter.

Just under two months later, the Internet giant announced its findings and the news isn't good.

According to the press release, there has indeed been a breach of Yahoo's systems. It occurred in 2014, and during it the attackers obtained sensitive information associated with "at least" 500 million accounts. In other words, Yahoo has confirmed the biggest data breach on record. Affected users have already been asked to change their passwords.

As a silver lining, the company said that the stolen data did not include unprotected passwords or banking information. According to Yahoo, the "vast majority" of passwords were hashed with bcrypt rather than MD5. bcrypt is not encryption but a deliberately slow, salted password hash: an attacker holding the dump cannot simply look the hashes up in a precomputed table or test millions of guesses per second, as is possible against unsalted MD5, so recovering the original passwords is far more expensive. The wording "vast majority" does, however, imply that some minority of accounts were protected with something weaker.
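To make the MD5-versus-bcrypt point concrete, here is an added example (not Yahoo's code and not from the article) that runs the same dictionary attack against two toy dumps of the same accounts: one with unsalted MD5 hashes, one with salted, slow hashes. bcrypt is not in the Python standard library, so the slow side uses hashlib.pbkdf2_hmac as a stand-in; like bcrypt it has a per-user random salt and a tunable work factor (bcrypt expresses its cost as an exponent, PBKDF2 as an iteration count). Every username, password and wordlist entry below is constructed sample data. Rather than timing anything, the example counts hash computations, which is what actually scales the attacker's bill.

```python
"""Dictionary attack cost: unsalted MD5 dump vs. salted slow-hash dump.

Added example; PBKDF2-HMAC-SHA256 stands in for bcrypt (salt + work factor).
All accounts, passwords and the wordlist are constructed test data.
"""
import hashlib
import hmac
import os

# Constructed toy wordlist standing in for a real cracking dictionary.
WORDLIST = ["123456", "password", "qwerty", "letmein", "sunshine", "yahoo2012"]

# Assumed work factor for the slow hash (bcrypt would use a cost exponent instead).
DEFAULT_ITERATIONS = 100_000


def md5_hex(password: str) -> str:
    """Unsalted MD5, the scheme Peace_of_Mind's ad claimed for the 2012-era dump."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def crack_unsalted_md5(dump: dict, wordlist: list) -> tuple:
    """dump maps username -> md5 hex. Returns (recovered, hashes_computed).

    With no salt, one hash per candidate is compared against every user at once,
    so the cost is len(wordlist) no matter how many accounts leaked, and users
    who share a password share a hash and fall together.
    """
    users_by_hash = {}
    for user, digest in dump.items():
        users_by_hash.setdefault(digest, []).append(user)
    recovered, computed = {}, 0
    for candidate in wordlist:
        computed += 1
        for user in users_by_hash.get(md5_hex(candidate), []):
            recovered[user] = candidate
    return recovered, computed


def slow_hash(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256 as a bcrypt stand-in)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def store_password(password: str, iterations: int = DEFAULT_ITERATIONS) -> dict:
    """What a site should keep per user: random salt, work factor, and the hash."""
    salt = os.urandom(16)
    return {"salt": salt, "iterations": iterations,
            "hash": slow_hash(password, salt, iterations)}


def verify_password(password: str, record: dict) -> bool:
    """Recompute under the stored salt and cost, compare in constant time."""
    candidate = slow_hash(password, record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])


def crack_salted(dump: dict, wordlist: list) -> tuple:
    """dump maps username -> store_password() record. Returns (recovered, hashes_computed).

    Every (user, candidate) pair costs a full slow hash: the salt defeats
    precomputation and work-sharing across accounts, and the work factor makes
    each guess expensive. Cost grows as users x candidates x iterations.
    """
    recovered, computed = {}, 0
    for user, record in dump.items():
        for candidate in wordlist:
            computed += 1
            if verify_password(candidate, record):
                recovered[user] = candidate
                break
    return recovered, computed


def demo(iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Run both attacks over the same constructed accounts and report the cost."""
    plaintext = {"alice": "123456", "bob": "letmein", "carol": "Tr0ub4dor&3", "dave": "123456"}
    md5_dump = {u: md5_hex(p) for u, p in plaintext.items()}
    slow_dump = {u: store_password(p, iterations) for u, p in plaintext.items()}
    md5_found, md5_cost = crack_unsalted_md5(md5_dump, WORDLIST)
    slow_found, slow_cost = crack_salted(slow_dump, WORDLIST)
    return {"md5_recovered": md5_found, "md5_hashes": md5_cost,
            "slow_recovered": slow_found, "slow_hashes": slow_cost,
            "shared_md5_hash": md5_dump["alice"] == md5_dump["dave"]}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Both attacks recover the same weak passwords, which is the honest caveat: a slow hash does not save a user whose password is in the wordlist. What changes is the cost per guess and the inability to share work across accounts, which at the scale of 500 million users is the difference between cracking the whole dump and cracking a slice of it. The MD5 side also leaks that alice and dave chose the same password before a single guess is made.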

As the more eagle-eyed among you will have spotted already, there are quite a few discrepancies between Peace_of_Mind's description and what Yahoo says was actually stolen: 2012 versus 2014, 200 million versus 500 million accounts, and MD5 versus bcrypt. Because of this, security researchers reckon that Peace_of_Mind didn't steal the information himself and instead acted as a broker between the real hackers and the individuals interested in buying the usernames and passwords.

Yahoo's researchers, on the other hand, concluded that the attack was carried out by state-sponsored threat actors. They wouldn't say what led them to this conclusion, and according to InfoArmor it is wrong. The security company conducted its own investigation of the breach and said at the end of September that the perpetrators are professional black hat hackers with no ties to any foreign government. There will probably be more disputes over whether the attack was backed by a foreign state.

State-sponsored or not, however, the sheer size of the attack on Yahoo is bound to leave a mark on the infosec industry and change the way big companies think about the security of their customers.
