It’s been yet another bad week for Yahoo, the perpetually beleaguered internet giant based in Sunnyvale, California. This past September, we learned of an enormous 2014 hack into its user database that compromised 500 million accounts. That would be the tip of the iceberg, as this week another larger hack came to light — a staggering billion accounts were hacked in 2013.
When you’re dealing with numbers of this size, a lot of money goes along with it. The New York Times says that last August, a shadowy “hacking collective in Eastern Europe” began offering the hacked data for sale — this from Andrew Komarov, who is chief intelligence officer at InfoArmor, a cybersecurity outfit out of Arizona that deals in “advanced threat intelligence” and monitors the seamy areas of the internet that are populated by crooks, scammers, spammers, and spies. The Times says that “two known spammers and an entity that appeared more interested in espionage paid about $300,000 each for a complete copy of the database.”
Komarov also noted that his company got a copy of the database and informed various military and law enforcement authorities in various countries of the incident, including the United States, Australia, Canada, Britain, and the EU “After those parties verified the authenticity of the stolen records, he said, some of them went to Yahoo with their concerns.”
He also said in the interview that he didn’t approach Yahoo directly “because the internet giant was dismissive of the security firm when approached by an intermediary. He also said he “did not trust Yahoo to thoroughly investigate the breach since it could threaten the sale to Verizon.”
Komarov’s claims first surfaced in this Bloomberg article, which states that Komarov watched the hacker group he calls “Group E” sell the database three times, and “was able to intercept the database during the sales. ” Two buyers were large spammers on the Spamhaus Register of Known Spam Operations (ROKSO) list. And here’s where it gets even trickier. Bloomberg adds the the other buyer “gave the sellers a list of ten names of U.S. and foreign government officials and business executives, to verify their logins were part of the database. That led Komarov to speculate the buyer was a foreign intelligence agency.”
Ah, and let’s not forget that sale to Verizon. Besides the ongoing questions of how this could happen — twice that we know of — and why did it take so long for the information to come to light, the bigger issue of Verizon looms. Do they want to move forward with their purchase of the net behemoth with a discounted price, or wash their collective hands of the entire proposed $4.83 billion acquisition?
In the Times, Verizon spokesman Bob Varettoni offered nothing new on his company’s stance, and offered a conservative boilerplate comment. “’As we’ve said all along, we will evaluate the situation as Yahoo continues its investigation,’” he said. “’We will review the impact of this new development before reaching any final conclusions.’”