FBI Presents Theory On How Yahoo’s Breach Went Down

The Department of Justice's decision to bring charges against two spies in Russia and two hackers who allegedly took part in the massive data breach that rocked Yahoo recently has now shed light on exactly how these breaches took place.

During a follow-up briefing on Wednesday (March 15), the FBI shared its insight on how Yahoo’s user data and technology were compromised so significantly over a two-year period.

Malcolm Palmore, assistant special agent in charge of the FBI’s San Francisco Cyber Division, told Ars Technica that the agency believes the hack started back in 2014 when a Yahoo employee fell victim to a spear phishing email campaign.

According to Palmore, that initial breach eventually led to the exposure of more than 500 million user accounts. During the interview, he stated that spear phishing or social engineering “was the likely avenue of infiltration” used by hackers to steal the credentials of an “unsuspecting employee” at Yahoo.

From there, hackers gained access to Yahoo’s internal networks, and the rest has gone down in cybersecurity history.

The DOJ said that the four men against whom it brought charges face 47 criminal charges, including conspiracy, computer fraud, economic espionage, aggravated identity theft and the theft of trade secrets.

One of those charged, Karim Baratov, a 22-year-old Canadian and Kazakh national, was arrested in Canada on Tuesday. Two agents of Russia’s Federal Security Service — Dmitry Aleksandrovich Dokuchaev, 33, and Igor Anatolyevich Sushchin, 43, both Russian nationals and residents — were also charged. Alexsey Alexseyevich Belan, 29, a Russian national and resident as well, was the fourth to be charged and is among the most wanted cybercriminals on the FBI’s list.

This past fall, Yahoo disclosed a massive breach of user accounts that impacted 500 million people. In December, it disclosed yet another breach, bringing the number of potentially impacted accounts to over 1 billion. The data breaches placed its deal to sell its core internet assets to Verizon Communications in peril after months of negotiations between the two.