Yahoo breach data reveals the need for ethical breach reporting

Yahoo breach data from 1 billion users was sold to multiple groups on the deep web and questionable breach reporting kept Yahoo from informing users for months

December 22, 2016 By Michael Heller

Security researchers saw data from more than 1 billion Yahoo accounts sold to multiple threat groups on the deep web, but the method of breach reporting meant Yahoo didn't learn about the incident for months.

InfoArmor, a cybersecurity firm based in Scottsdale, Ariz., first reported the sale of the data on Sept. 28, about one week after Yahoo disclosed the 2014 breach, which affected 500 million user accounts. InfoArmor's original report said the data from the Yahoo breach was sold to three separate groups on the deep web in August.

Andrew Komarov, chief intelligence officer at InfoArmor, said each buyer paid approximately $300,000 for the data and that, while two of the buyers were spam groups, one may have had espionage intentions for the several million accounts in the database with connections to military and government officials from dozens of nations.

Because InfoArmor's report came soon after Yahoo's disclosure, it was assumed the data sold was from the 2014 Yahoo breach, but that assumption turned out to be incorrect. The data was actually from a previously unknown Yahoo breach that occurred in 2013, in which account data for 1 billion users was stolen.
