Recently, Yahoo disclosed a data breach on the company’s server which compromised user data of 1 billion users. Now, 1-Billion Yahoo accounts are sold for $300,000 on the Dark Web.
1-Billion Yahoo Accounts Sold For $300,000 On Dark Web
Yahoo just confirmed that they had disclosed a data breach which is said to have occurred in August 2013. Yahoo had already reported several types of the data breach in September 2016. However, the company claimed that both the attacks are different.
Yahoo already admitted in a filing with the US Securities and Exchange commission (SEC) that some of its staff knew about a possible 2014 hacking. But, Yahoo first revealed about the data breach on 22 September 2016.
Bob Lord, Chief information security officer of Yahoo claimed that they haven’t been able to determine how the data from the one billion accounts was stolen.
According to The New York Times, it is the last set of passwords which were sold on the Dark Web for $300,000 last August. The group of hackers behind this attack are believed to have a nationality from some Eastern European country. It would be this group that managed to sell the set of billions of accounts to two groups dedicated to sending advertising spam and malware and third-party espionage tactics.
Andrew Komarov, Chief Intelligence Officer (CIO) at security firm InfoArmor told the New York Times that “three different buyers, including two “prominent spammers” and the third, is believed to be involved in espionage tactics paid $300,000 to gain control of the entire database”.
If we do accounts, then each hacked accounts cost $ 0.0003, or 0.03 cents. The hacked data of Yahoo users include first and last names, passwords, birth dates, phone numbers, security questions and answers, or secondary email to retrieve the account. Hashed passwords were leaked, so far there is no evidence that they have managed to transform it into a plain text.
Apart from this, those leaked details could be used to guess passwords or even it could be used to guess the security questions simply to alter them in other services where users could have used the same answers.
Among the users who have suffered the attack are 150,000 government agents and military employees of the United States, so it is certain that hackers can extract some kind of revenue by endangering the accounts of these employees, putting at risk the security of the country. Therefore, the FBI is investigating the case thoroughly.
Finally, the purchase of Yahoo by Verizon could be truncated. The US operator already wanted to get a billion dollar discount from the 4.8 billion that initially asked for the purchase of Yahoo. Verizon’s interest in Yahoo lies primarily in its experience as an advertising company, but after this case, the purchase may not even take place.