Jump to content
Tuts 4 You
Sign in to follow this  
Teddy Rogers

Yahoo Identfies Over One Billion Accounts Data Stolen...

Recommended Posts

Teddy Rogers

Yahoo Identfies One Billion Accounts Data Stolen

Quote

As Yahoo previously disclosed in November, law enforcement provided the company with data files that a third party claimed was Yahoo user data. The company analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. The company has not been able to identify the intrusion associated with this theft. Yahoo believes this incident is likely distinct from the incident the company disclosed on September 22, 2016.

https://investor.yahoo.net/releasedetail.cfm?ReleaseID=1004285
https://yahoo.tumblr.com/post/154479236569/important-security-information-for-yahoo-users

Yahoo Security Notice December 14, 2016

https://help.yahoo.com/kb/account/SLN27925.html?

Ted.

  • Like 1

Share this post


Link to post
Techlord

Yes, unfortunately, while this was disclosed yesterday, the investigation about this incident was going on for quite sometime.

My team was one of the teams investigating this breach and while many a time we had recomended that the affected Yahoo users be alerted, the Yahoo admins decided to wait till yesterday to finally disclose the matter publicly !

And NO guys .. This is not a "Dreamer on Steriods" ;)

(Of course, "Dreamer on Steroids" or a "Highly Skilled Professional" depends on one's point of view LOL )

Edited by Techlord (see edit history)

Share this post


Link to post
Techlord

Additionally though that these links would be interesting :

Quote

 

Yesterday morning, Reuters dropped a news story revealing that Yahoo installed a backdoor on their own infrastructure in 2015 in compliance with a secret order from either the FBI or the NSA. While we all know that the US government routinely asks tech companies for surveillance help, a couple aspects of the Yahoo story stand out:

  1. The backdoor was installed in such a way that it was intercepting and querying all Yahoo Mail users’ emails, not just emails of investigation targets.

  2. The program was implemented so carelessly that it could have allowed hackers to read all incoming Yahoo mail. Of course this also means FBI/NSA could have been reading all incoming Yahoo mail.

  3. Yahoo execs deliberately bypassed review from the security team when installing the backdoor. In fact, when members of the security team found it within weeks of its installation, they immediately assumed it had been installed by malicious hackers, rather than Yahoo’s own mail team. (This says something about what the backdoor code may have looked like.)

  4. Yahoo apparently made no effort to challenge this overly-broad surveillance order which needlessly put hundreds of millions of users at risk

 

Full Article here .

And ...
 

Quote

 

Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.

The company complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events.

Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to an intelligence agency's request by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.

 

Full article here .

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...