The U.S. Justice Department on Wednesday indicted two officials of Russia’s Federal Security Service, the FSB, and two criminal hackers they hired to steal data from some 500 million Yahoo user accounts.
A few years back, Yahoo! was attacked by hackers in 2014 and after three years, the U.S. government found out who the hackers are.
According to the U.S. officials, the charges were brought against two FSB operatives and two hackers they had cooperated with. But there are still some major questions for which both consumers and investors need answers. Hackers used this technique to target more than 6,500 user accounts. That allowed them to forge technological skeleton keys that would unlock many Yahoo accounts, steal personal information and then use that data to break into other email services used by their targets, USA officials said in announcing charges against four Russians. The security breach took place several years ago, but only came to light last year.
How did so many Yahoo accounts get hacked? “This is an attack by the USA government, it’s a challenge by the US government”.
The twin hacks clouded prospects for the sale of Yahoo’s core business to telecommunications giant Verizon.
The hack targeted the email accounts of Russian and USA officials, Russian journalists, and employees of financial services and other businesses, officials said.
HAMILTON, Ontario The Canadian charged in connection with a massive hack of Yahoo accounts that the United States says was a Russian plot is a young man who has boasted on social media of his wealth and love of expensive cars, online accounts show. Obviously, it’s not possible to know which cloud company this is-it could be anyone from Amazon (yhoo) Web Services to Salesforce to Microsoft (msft) to some other firm.
The Justice Department in its press conference stressed that its indictment was based on allegations. To Yahoo, it then appeared that a hacker was the authorised user.
McCord said the hacking campaign was waged by the FSB to collect intelligence but that the two hackers used the collected information as an opportunity to “line their pockets”.
It’s possible the timing simply coincides with the end of the investigation.
Along the way, the charged person has many options to appeal the extradition. Alexsey Belan, who is on the list of most-wanted cyber criminals, and Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, were also on the indictment.
Using information obtained from the Yahoo hacking, the two FSB officers later engaged the help of Baratov to gain unauthorized access to other accounts outside of Yahoo, the indictment stated. Verizon is proceeding with the deal, expected to close in the second quarter of this year, after cutting $350 million from the price, which now totals $4.48 billion.
If this official account is true, it still doesn’t explain who first learned of the account hacking, and how far up the executive chain the news traveled.
What will the SEC do?
“We will not allow individuals, groups, nation states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies or the security of our country”, said Acting Assistant Attorney General Mary McCord, the head of the Justice Department’s national security division. Shares of Yahoo were down 0.9 percent. And in December, the company announced an earlier and bigger breach, involving 1 billion user accounts, which was discovered by Andrew Komarov, chief intelligence officer for InfoArmor, a security company, who had been tracking the spammers who orchestrated that incursion.