News

Who Was Behind The Yahoo Account Breach?

by Yvonne Juris

A scary revelation related to Yahoo accounts announced on Thursday just set off some serious alarm bells. Yahoo recently confirmed that the personal data of at least 500 million user accounts may have been stolen. And who hacked the Yahoo accounts? The answer to that question may be even more concerning than you think.

According to a statement, the company believes that a "state-sponsored actor" was behind the security breach, which is said to have begun in late 2014. Information obtained might have included names, email addresses, and other data such as telephone numbers and birth dates, as well as "encrypted or unencrypted security questions and answers."

Attributing the act to a "state-sponsored actor" implies that an individual working on behalf of a government may have been behind the hack, which could be one of the largest cybersecurity breaches to date.

This is not the first connection Yahoo has had to a major hacking scandal. Last month, an alleged hacker who goes by the name "Peace," claimed that as many as 200 million Yahoo accounts may have been posted for sale on the dark web. At the time of the alleged hack, Yahoo said they were "working to determine the facts."

Stephen Lam/Getty Images News/Getty Images

Yahoo said it is now working with law enforcement and that so far, the company has found no evidence that the "state-sponsored actor is currently in Yahoo’s network." This revelation has understandably left Yahoo users worried. And in response to the concern, some information about protecting accounts has begun to circulate, with Yahoo suggesting that users change their current passwords. In addition to changing your current Yahoo password, (as well as the passwords for other accounts if the passwords were the same as the one used for the Yahoo account), another recommendation for Yahoo users is to activate a two-factor authentication.

A spokesperson for Verizon communications, which announced in July that it was acquiring Yahoo's core properties for $4.8 billion, said in a statement that the company only learned about the security breach "two days ago and had limited information and understanding of the impact."

If the Yahoo account hack took place in 2014, it means that the company took close to two years to identity the security breach. And according to the Ponemon Institute, which tracks security data breaches, the average time taken to identify a hack is 191 days, and the average time taken to contain a breach is listed as 58 days. However, the alleged 2014 hack has not been confirmed.

Founder of Hold Security, Alex Holden, who has been tracking the flow of stolen data on the dark web, said the first sign of a breach appeared in June, when a Russian hacker who goes by the user name “Tessa88” started referring to stolen Yahoo data. “This is one of the biggest breaches of people’s privacy and very far-reaching," Holden said of the recent news.