200M Yahoo accounts go up for sale on digital black market

I understand...

 

"Justice Department to announce indictments in massive Yahoo hack: source

U.S. Justice Department officials are expected to announce indictments on Wednesday against suspects in at least one of a series of hacking attacks on Yahoo Inc (YHOO.O), according to a source briefed on the matter.

The accused men live in Russia and Canada, the source said, with the Canadian far more likely to face arrest. Russia has no extradition treaty with the United States..."

http://www.reuters.com/article/us-yahoo-hack-indictments-idUSKBN16M05P

"...The Department of Justice is accusing four people of participating in massive online security breaches that compromised hundreds of millions of user accounts,...

The U.S. is arresting one of the people in Canada as soon as Tuesday, the person said. Three of the people are currently in Russia,..."

https://www.bloomberg.com/news/arti...-to-plan-indictments-related-to-yahoo-hacking

 

"Justice Department charging Russian spies and criminal hackers in Yahoo intrusion...

...[T]he first U.S. criminal cyber charges ever against Russian government officials.

The indictments target two members of the Russian intelligence agency FSB, and two hackers hired by the Russians...

The indicted FSB officers are Dmitry Dokuchaev and Igor Sushchin, his superior. Particularly galling to U.S. officials is that the men worked for the cyber investigative arm of the FSB — a rough equivalent of the FBI’s Cyber Division. That the agency that is supposed to investigate computer intrusions Russia is engaged in hacking is “pretty sad,” one official said.

Dokuchaev, whose hacker alias was “Forb,” was arrested in December in Moscow, according to the news agency Interfax, on charges of state treason for passing information to the CIA. He had reportedly agreed to work for the FSB to avoid prosecution for bank card fraud.
Another man indicted in the case is Alexsey Belan, who is on the most-wanted cyber list and has been charged twice before, in connection with intrusions into three major tech firms in Nevada and California in 2012 and 2013. He was in custody in Greece for a time, but made his way back to Russia, where he is being protected by authorities, officials said.

The other hacker-for-hire is Karim Baratov, who was born in Kazakhstan but has Canadian citizenship. He was arrested in Canada on Tuesday..."

https://www.washingtonpost.com/world/national-security/justice-department-charging-russian-spies-and-criminal-hackers-for-yahoo-intrusion/2017/03/15/64b98e32-0911-11e7-93dc-00f9bdd74ed1_story.html?utm_term=.b40e648af8c7?tid=a_breakingnews&hpid=hp_no-name_no-nameage/breaking-news-bar

Edit Update: Justice Deptartment Has Oficially Announced The Indictment

https://www.washingtonpost.com/world/national-security/justice-department-charging-russian-spies-and-criminal-hackers-for-yahoo-intrusion/2017/03/15/64b98e32-0911-11e7-93dc-00f9bdd74ed1_story.html?hpid=hp_rhp-top-table-main_justice-1010a:homepage/story

 

https://arstechnica.com/tech-policy...vileged-yahoo-employee-led-to-massive-breach/

 

https://krebsonsecurity.com/2017/03/four-men-charged-with-hacking-500m-yahoo-accounts/

 

http://gazette.com/cascading-effect-one-attack-led-to-another-at-yahoo/article/feed/450461

 

What Russian Hackers Teach About America's Spies

-- Tom

 

For a job well done??

"Marissa Mayer To Leave Yahoo With $186 Million From Verizon Deal"

https://www.nytimes.com/2017/04/24/...6-million-on-yahoos-sale-to-verizon.html?_r=0

I thought being a TV weatherman was the only job that pays well for being wrong.

 

https://www.cnet.com/news/yahoo-security-chief-reportedly-out-after-merger/

 

Everyone old enough to have been online in the 90's will remember the advice we received constantly,
"Do not use personaly identifiable information on the internet".
That all changed when "they" realized they could use our online activity for intelligence gathering. They went silent on that previous advice while going all out to coerce the population into putting as much personaly identifiable information online as possible. I for one didn't fall for it my yahoo account is fake name fake address fake everything.

 

Hang him\her, now he\she will NSA star.

 

"US judge says Yahoo data breach victims have the right to sue

Verizon will now have to deal with any lawsuit filed by victims of the massive breaches Yahoo suffered between 2013 and 2016. US District Judge Lucy Koh has tossed out Yahoo's argument that the people affected by the cyberattacks don't have the standing to sue. While many plaintiffs' cases were dismissed, Koh has ruled that they can change their complaints and pursue some kind of breach of contract or unfair competition claims. According to Reuters, the judge wrote in the 93-page ruling that she came to that decision because all plaintiffs 'have alleged a risk of future identity theft.'..."

https://www.engadget.com/2017/09/01/judge-says-yahoo-data-breach-victims-can-sue/

 

http://www.reuters.com/article/us-y...ounts-hacked-in-2013-data-theft-idUSKCN1C82O1

Far cry from the original 200 million reported, right? Now it's reportedly all 3 billion of them.

 

"Canadian Man Pleads Guilty to Hacking Gmail Accounts for the Kremlin

SAN FRANCISCO—A 22-year-old man who ran a successful hacker-for-hire business from his home in Toronto pleaded guilty to federal conspiracy and identity theft charges Tuesday, admitting in open court that he cracked account passwords at Gmail on behalf of a customer who turned out to be an officer with Russia’s Federal Security Service, or FSB...

He’s not accused of participating directly in the Yahoo hack, or even knowing about it. Instead, the FSB used him to fill the gap when they encountered a target that used Gmail, or another provider, instead of Yahoo, where the FSB already had the ability to access any account..."

https://www.thedailybeast.com/canadian-man-pleads-guilty-to-hacking-gmail-accounts-for-the-kremlin

 

I highly doubt mine is of any real interest. Its been around since Windows 98 and it's only because you must have a Yahoo Account to sign into use Flickr pictures gallery.

 

"Judge Says Users Can Sue Yahoo for Massive Breach

A federal judge in California has ruled that a class action lawsuit against Yahoo related to a series of data breaches at the company can move forward. Verizon, which bought Yahoo last year for a reduced price of about $4.5 billion, had asked the judge to dismiss many of the lawsuit’s claims...

The plaintiffs in the class action lawsuit claim that they would have chosen another email service if they had been informed sooner of Yahoo’s security woes—a claim that U.S. District Judge Lucy Koh found credible.

'Plaintiffs’ allegations are sufficient to show that they would have behaved differently had defendants disclosed the security weaknesses of the Yahoo Mail System,' Koh wrote..."

https://gizmodo.com/judge-says-users-can-sue-yahoo-for-massive-breach-1823704720

 

$35 Million Penalty for Not Telling Investors of Yahoo Hack

https://www.securityweek.com/35-million-penalty-not-telling-investors-yahoo-hack

 

I hope someone buys mine. Its only fully stocked with 5 years worth of SPAM never emptied.

 

Verizon says Yahoo users must waive class action rights—or stop using Yahoo

https://arstechnica.com/tech-policy...aive-class-action-rights-or-stop-using-yahoo/

 

That seems lousy and grossly unfair. Am I wrong thinking that? After all it wasn't the user's fault but the telecommunications security or lack of proper checks n balances on their systems.

That being said, I always suspected that any so-called FREE email service, including Google, couldn't be fully security controlled from breaches as well as making use of data that entered their systems from being sold, solicited etc.

Does this makes sense?