September 29, 2016

Security Firm Disputes Yahoo’s Claim of State-Sponsored Hacker Breach

Yahoo’s now-infamous breach that saw 500 million account details stolen was instigated by common cybercriminals rather than state-sponsored hackers, a security company has claimed.

Contrary to Yahoo’s claim that a state-sponsored hacker or party breached its network to steal over 500 million users’ account information, an official from security firm InfoArmor has opined that the hack was the work of cybercriminals.

Andrew Komarov, chief intelligence officer at the security firm, says that hackers operating under well-known pseudonyms in the underground community are behind the company’s massive breach.

In a report, Komarov stated:

Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations.

Yahoo unmistakably blamed the breach on a nation-state actor. That claim has met with skepticism from parts of the cybersecurity community. For instance, two people familiar with the still-ongoing investigation within the company told Bloomberg News that the state actor link wasn’t ‘iron-clad.’

According to Komarov, the same group of blackhat hack-for-hire hackers is also directly linked to other notable breaches such as those of MySpace, Tumblr and LinkedIn.

The breach is “closed” in nature, according to the security executive. This is due to the “specifics of customers associated with this specific data and the motivations of the bad actors involved,” he wrote.

The stolen data includes names, e-mail addresses, phone numbers and even unencrypted security questions and answers, which could potentially lead to identity theft if the same security questions and answers are used in other online user accounts.

Meanwhile, Yahoo hasn’t commented on the detailed explanation offered by InfoArmor as to why it believes that the breach was caused by cybercriminals.

It is notable that, in its original announcement, the company did not offer any evidence to back its claim attributing the breach to a state actor, pointing instead to its ongoing investigation.

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.