US charges four with Yahoo data breach

Nieuws Breedband Verenigde Staten 15 MAR 2017
US charges four with Yahoo data breach

US federal officials have indicted four men, including two officers from Russia’s Federal Security Service, in connection with the online security breaches at Yahoo, and for stealing personal data that affected hundreds of millions of Yahoo users. The Russian men paid others to collect information through computer intrusions in the US and elsewhere. All four hacked into the computers of US companies providing email and internet-related services. 

One, a Canadian and Kazakh national, was taken into custody in Canada, the authorities said. The other men are believed to be in Russia. There is no extradition treaty between Russia and the US, so US authorities will only be able to arrest them if they travel overseas to a country that is willing to hand them over. 

The men used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts, starting in January 2014, according to the statement from the Department of Justice. They then used some of that stolen information to obtain unauthorised access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, US and Russian government officials and private-sector employees of financial, transportation and other companies. 

One of the Russians, Alexsey Belan was previously indicted in 2012 and 2013 and was named one of the FBI’s Cyber Most Wanted criminals in November 2013. An Interpol notice has sought his arrest since July 2013. Belan was hired by the two FSB officers to access the Yahoo database. Belan used his access to steal financial information such as credit card numbers from webmail accounts; to gain access to more than 30 million accounts whose contacts were then stolen to facilitate a spam campaign; and to earn commissions from fraudulently redirecting a subset of Yahoo’s search engine traffic.

The fourth co-conspirator, a resident of Canada, was tasked with accessing the accounts of targets of interest, at webmail providers other than Yahoo, by using information obtained as part of the Yahoo intrusion. He receieved commissions for obtaining unauthorized access to more than 80 accounts.

Categories:

Internet

Companies:

GoogleYahoo

Regions:

Wereld

Countries:

Verenigde Staten

Tags:

Security, Legislation - Lawsuits

Related Articles

VERENIGDE STATEN 30 JAN 2019

US federal judge rejects Yahoo's settlement for security breach

A US federal court has rejected Yahoo's proposed settlement of USD 50 million in damages for the security breach disclosed in 2016, Reuters reported. Yahoo agreed in October to pay the money and to provide two years of free credit-monitoring services to 200 million people affected by breach in the USD and Israel. The US judge however said that the settlement lacked transparency and that she could not declare the settlement "fundamentally fair, adequate and reasonable" because it did not say how much victim

VERENIGDE STATEN 24 OCT 2018

Yahoo to pay USD 50 mln to settle security breach litigation

Yahoo has agreed to pay USD 50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen in a security breach. The settlement must still be approved in federal court, AP reports. 

WERELD 17 SEP 2018

Altaba to pay USD 47 mln to settle Yahoo breach litigations

Altaba, the remaining holding company for Yahoo, has sent a letter to its shareholders, saying it has reached an agreement in principle to pay USD 47 million in litigation expenses to settle litigation around Yahoo's failure to disclose its 2014 cyber security breach. The settlement will settle all three cases related to the breach, Reuters noted.

VERENIGDE STATEN 25 APR 2018

Altaba fined USD 35 mln by SEC for late Yahoo data breach disclosure

The US Securities and Exchange Commission has fined Altaba, the company formerly known as Yahoo!, USD 35 million for failing to disclose the major personal data breach on its site and misleading investors. 

CANADA 27 NOV 2017

Canadian charged in 2014 Yahoo data breach set to plead guilty

A Canadian accused of helping Russian intelligence agents hack Yahoo email accounts in a 2014 breach is set to change his plea to guilty next week, according to court records seen by Reuters. Karim Baratov, a 22-year-old Canadian citizen born in Kazakhstan, recently waived his right to fight a US request for his extradition from Canada. In March, US federal officials indicted four men, including two officers from Russia's Federal Security Service, in connection with the online security breaches at Yahoo, an

VERENIGDE STATEN 4 SEP 2017

Yahoo data breach victims have standing to sue - US judge

Yahoo will have to face lawsuits from any of the 1 billion-plus victims of three data breaches suffered by the company between 2013 and 2016, reports Reuters, citing a decision from US District Judge Lucy Koh. According the judge, victims had the right to pursue some breach of contract and unfair competition claims as a result of the breaches. "All plaintiffs have alleged a risk of future identity theft, in addition to loss of value of their personal identification information," she said, adding that some p

WERELD 19 APR 2017

Yahoo ups revenues, profit in Q1 as it nears Verizon close

Yahoo said revenues for the first quarter advanced to USD 1.327 billion from 1.087 billion the year before, with the net result reaching USD 99 million, higher than the loss of 99 million recorded the year before, but lower than the 162 million gain in the fourth quarter. Earnings per diluted share went up to USD 0.10 from a loss of 0.10 year-on-year while the adjusted EBITDA lifted to USD 188 million from 147 million. CEO Marissa Mayer said the company was now entering its final quarter as an independent c

VERENIGDE STATEN 15 MAR 2017

US to charge four hackers in Yahoo data breach - report

Officials at the US Department of Justice are about to indict four people in connection with the online security breaches at Yahoo, reports Bloomberg, citing an unnamed source. One of the alleged hackers is based in Canada and may be arrested imminently, while the other three are currently in Russia, said the source. Yahoo remains in cooperation with state, federal and foreign governments regarding security breaches in 2013 and 2014 that affected more than a billion accounts.

WERELD 23 SEP 2016

Yahoo! confirms over 500 mln users' data hacked

Yahoo! has confirmed that details of over 500 million of its users' accounts were stolen by what it believes was a state-sponsored attack. The account information may have included names, email addresses, phone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. Yahoo said it does not believe any credit card or other payment details were taken, as this is not stored in the same system found to be hacked. The c

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.