Yahoo has confirmed that hackers stole security details of about 500 million users back in 2014, an attack which is believed to be the largest cybercrime in the world’s history. A report from Reuters says three unnamed U.S. intelligence officials claim the attack was state-sponsored.
There is speculation that Yahoo may have been attacked by hackers working for the Russian government, as a series of similar attacks on banks and companies have been linked to Russian intelligence agencies.
The FBI says it is currently investigating the cyber attack.
So far, “the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network,” the company said.
Though Yahoo was sold to Verizon [a U.S. telecom operator] for $4.8bn in July, information on the hack was not discovered until later in August. An anonymous hacker who goes by the name “Peace” attempted to sell security details stolen from 200 million Yahoo accounts.
This could be a big problem between Yahoo and Verizon, which says it just got details of the breach 2 days ago.
“We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact,” a spokesman for Verizon said in a statement. “We will evaluate as the investigation continues through the lens of overall Verizon interests … Until then, we are not in a position to further comment.”
Bob Lord [Yahoo’s Chief Information Security Officer] refused to confirm or deny the accusation that the company had known of this breach since 2014 but failed to warn users or go public with the information. He told NBC News in August: “We are aware of a claim. We are committed to protecting the security of our users’ information and we take any such claim very seriously.”
Yahoo didn’t make the announcement until a journalist recently informed the company.
The company went public with the information on Thursday, announcing that the breach included a large amount of personal information, including names, dates of birth, telephone numbers, encrypted passwords and emails as well as “unencrypted security questions and answers”.
The company says no credit card data or bank account details were endangered but added that this security breach is far bigger than first imagined.
Remarkably, Yahoo points out that the attack is believed to be state-sponsored.
All Yahoo Mail users are advised to change their passwords if they haven’t done so since 2014.
The company said in a statement: “Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry.
“Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account.”
“It is really worrying that a breach from 2014 can have gone undetected for so long,” said Prof Alan Woodward from the University of Surrey.
“It is also surprising the public statement took so long to appear.
“I would have thought most companies had learned by now that early disclosure is better, even if you have to revise and update as you learn more.
“I can understand a few days’ delay to confirm the breach is genuine as fake data dumps are increasingly common, but six weeks seems rather too long.”