The Department of Justice on Wednesday identified four people, including two Russian spies and two criminal hackers, as the main suspects behind one of the biggest data breaches in the world. Yahoo was hacked in 2014 but the company only disclosed it two years later, when it confirmed that more than 500 million accounts were breached.
A report explains how hackers were able to break into Yahoo Mail accounts, and says that Yahoo could have prevented the damage had it taken faster action against the intruders.
The hackers first breached Yahoo’s network in early 2014. By working through Yahoo’s network, they were able to steal a backup copy of Yahoo’s user database that contained information which could be used to reset passwords, and an internal tool Yahoo uses to access and edit information in said database.
The hackers didn’t even need passwords to hack accounts, as the database they stole contained encrypted user passwords. They used those passwords in combination with malware that would fool Yahoo’s servers into thinking that the account owner, rather than an attacker, was signing in. As long as users didn’t change their passwords after November 2014, the method would let hackers dig into the information in those accounts at will.
The database the hackers stole contained personal data including phone numbers, answers to security questions and recovery email addresses. The hackers may have used the information to target other online properties belonging to the targeted user, such as Gmail and other services. They could also send fraudulent emails to the users to fool them into revealing passwords for other accounts, or install malware on their computers.
When it came to “monetizing” their efforts, the hackers employed various tactics. They apparently searched for credit card and gift card information inside emails. They used the breached email accounts to conduct highly specific spamming campaigns. The hackers would send emails on behalf of the unsuspecting users to their friends and colleagues, who would be more likely to open an email from a person they know. Finally, the hackers also manipulated servers so that they would get commissions each time a user searched for a certain product and bought it online.
What do you think about Russia hacking into Yahoo?