Millions of people have recently found out that they not only have a Yahoo account but also that it has been hacked. Many large companies such as BT use Yahoo to base e-mail accounts for their customers. Anyone with an email address ending with "@btinternet.com", "@btopenworld.com" or "@talk21.com" could have been indirectly hacked and their details leaked.
Who And Why?
This leak of 500 million accounts was not the first time that Yahoo has been hacked. In fact 200 million accounts had been leaked several months ago. Both of these leaks supposedly come from a breach in security in late 2014. This means that all of the companies, including Sky and BT, that outsourced their webmail hosting to Yahoo have had most of their customer's accounts leaked. The hacker claiming responsibility for the attack is only known as "Peace of Mind". This could be a criminal organisation or group but Yahoo suspects that it could be state-sponsered. This would be much less embarrassing for Yahoo's security team as it means that they would have been outsmarted by some of the best hackers from countries such as Russia or China. Many experts, however, think this is unlikely as it doesn't seem like it could be benificial for any particular country. Constant Karagiannis, chief technology officer of Security Consulting at BT Americas staited that “It [The hack] doesn’t fit the normal intent or objectives of nation-state attacks. It’s not really espionage, it’s not retaliation, sabotage or for financial gain,”.
So why were Yahoo accounts leaked by a potentual hacker named "Peace of Mind"? Peace of Mind has leaked several social media accounts onto the deepweb in the past. This includes MySpace and LinkedIn. The way to make these hacks profitable is to sell them as a data dump on a deepweb website. The 200 Million Yahoo accounts were found being sold by "Peace of Mind" on a site called "The Real Deal". They were being sold all together for 3 Bitcoins. 3 Bitcoins at the time were worth about $1,860 (£1437.83). For just under two thousand dollars you could be the owner of 200 million Yahoo user's personal details. Online newspaper "Motherboard" obtained a small sample of 5000 accounts straight from the seller. They staited that of the 100 emails they tried to use, most of them failed to prove themselves still attached to an account or even legitimate.
Could this mean that the actual number of accounts leaked is much less that what Yahoo and others believe it to be? Although it is likely that a portion of the accounts are disabled, it is very unlikely that 100% of the accounts are disabled. The best thing that Yahoo, Sky and BT users can do now is reset their passwords along with any security questions or even password hints. Even one of these pieces of data could lead the owner of the datadump back to someone's account.
Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide
Call us on: 01865 988 217