The personal data stolen from one billion accounts run by US internet giant Yahoo in 2013 included personal data belonging to the employees of government agencies like the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA).
The data also included sensitive information like phone numbers, passwords, security questions and backup email addresses of White House officials as well as some British authorities, the CNN reported Friday, citing Andrew Komarov, chief intelligence officer at InfoArmor.
Komarov said his company became aware in August that the data has been on sale for $300,000 on the so-called dark web, an encrypted internet network only accessible through special software.
So far, at least three parties have purchased the massive package, Komarov said, noting that the price was likely to drop after Yahoo made the breach public on Wednesday.
Yahoo said in a statement that the hack differed from another major attack in 2014, where 500 million user accounts were hacked.
The FBI announced on Thursday that it had launched an investigation into the incident and were trying to determine the source of the attack.
Yahoo attributed the 2014 attack to a “state-sponsored actor,” but never said which party was responsible for the breach.
Komarov, however, said his company had already tracked down the attackers, identifying them as a group of eastern European cyber criminals who have hacked other online services such as Dropbox, Tumblr and Russia-based social network VK.com.
“[Group E] earns money on selling stolen data mainly to spammers,” Komarov told CNN, noting that the hackers were not related to any foreign government. “But in the case of Yahoo, we can prove that they sold two to spammers and one potentially to a state-sponsored party or foreign intelligence agency.”
The announcement by Yahoo came amid high tensions between the US and Russia over Washington’s hacking claims against Moscow.
The administration of President Barack Obama insists that the outcome of the recent US presidential election was affected by Russia's hacking of some US political organizations, a claim that the Kremlin has categorically denied.
Post a Comment
Post a Comment