After an extensive investigation, the U.S Department of Justice is finally expected to file charges against the four hackers it suspects of leading one of the massive Yahoo breaches. There is currently no information on whether the said group of individuals was behind the 2013 breach of 1 billion user accounts or the 500 million accounts one in 2014, reports Bloomberg.
According to a source aware of this sensitive legal matter, the government officials suspect that one of these alleged hackers resides in Canada while the other three are from Russia. It further adds that the Canadian hacker is likely is face to instant arrest, the same is not true for those in Russia. The U.S officials won’t be able to indict them due to no extradition treaty between the two countries.
This is a significant development with regards to the massive Yahoo breaches disclosed last year, which resulted in hackers fleeting off with user data of millions of email accounts. The reports of the breaches, which involved the use of forged cookies, started flooding in just couple months post the $4.83 acquisition of its core assets by telecom major Verizon. The hacks have since been seen as material and caused the said transaction to sour.
Now, Verizon who had reportedly sought a $950 million discount in its acquisition deal has settled on $350 million. It has now agreed to acquire Yahoo’s core assets for $4.48 billion even after being fully aware of the materialistic effects of the breaches. These breaches also resulted in management changes at the company.
Yahoo’s general counsel Ron Bell is taking the fall for the massive security breaches and leaving the internet giant in the process. And instead of taking the fall for her lack of authority and action, Marissa Mayer has only foregone $20 million worth of annual equity and bonus. She’s also being handsomely awarded $23 million worth of ‘golden parachute’ compensation with regards to the Verizon deal.
First, Yahoo reported that state-sponsored actors have breached their email servers and fled away with personal data minus payment info of nearly 500 million users in 2014. The hackers took with them users’ email addresses, scrambled account passwords and dates of birth. This caused mass panic and anxiety among individuals, especially because the internet giant had then rescinded the option to delete accounts.
But, the situation further worsened when Yahoo disclosed that the systems had previously also been breached in 2013. It said that the internal security team had then dismissed the possibility of a hack (even though some employees were aware of it) but intruders took possession of the data of over a billion accounts in the process. The company had since been working with external investigators to discover the root cause for the hacks. It discovered that hackers used forged cookies and accessed over 32 million user accounts, who’ve now been notified to bolster their security.