Slashdot Mirror

← Back to Stories (view on slashdot.org)

Some Within Yahoo Knew of Massive Breach in 2014 (usatoday.com)

Posted by msmash on from the hiding-things dept.

Some within Yahoo knew of a massive data breach that compromised its network when it occurred in 2014, not in late September, when it was first disclosed. From a report on USA Today: An independent committee of Yahoo's board, which launched an internal probe in August to learn more about the state-sponsored attack that affected data belonging to at least 500 million members, discovered that staff knew of the attack two years ago. "The company had identified that a state-sponsored actor had access to the company's network in late 2014," the company said In a filing with Securities and Exchange Commission.

12 of 30 comments (clear)

  1. Bunch of Yahoos by Oswald+McWeany · · Score: 2

    Yahoo
        [yah-hoo, yey-, yah-hoo]
    Spell Syllables
    noun, plural Yahoos.
    1.
    (in Swift's Gulliver's Travels) one of a race of brutes, having the form and all the vices of humans, who are subject to the Houyhnhnms.
    2.
    (lowercase) an uncultivated or boorish person; lout; philistine; yokel.
    3.
    (lowercase) a coarse or brutish person.

    Accurate.

    --
    "That's the way to do it" - Punch
  2. Disinformation by Vlad_the_Inhaler · · Score: 2

    When Yahoo initially claimed they were breached by a "state sponsored attack", my thoughts were: well - they would say that. Others - better informed - agreed. Now that claim is being spun as a "given", is there really any proof at all of that?
    The first I heard about it was at the start of August. That appears to be when the "internal probe" was launched, it took them a further 6 weeks to go public.

    --
    Mielipiteet omiani - Opinions personal, facts suspect.
  3. Yes, we know this. by freeze128 · · Score: 2

    We already know this. That's what the whole story in late September was about: Yahoo was hacked and that information was kept from its customers for 2 years. Of course someone inside Yahoo knew about it.

    Maybe this article is just to help stem the mass suicide from learning that Trump won the election.

    1. Re:Yes, we know this. by Ol+Olsoc · · Score: 2

      We already know this. That's what the whole story in late September was about: Yahoo was hacked and that information was kept from its customers for 2 years. Of course someone inside Yahoo knew about it.

      The very odd thing that I'm having a problem with is I knew of the breach. At the time, I belonged to several Yahoo groups. A lot of spam and spoofed posts started showing up. Then Yahoo sent out posts telling people to change their passwords. While no one mentioned "State actors", it was pretty obvious that a big hack had just happened.

      Fortunately, I only used my Yahoo email to access the groups, not for anything else. Kinda like there was nothing but the one program I needed Windows for on my W10 machine. So even if hacked in the case of Yahoo, or purposefully telemetered, like Windows 10, there would be as little damage as possible.

      But two years later, its hard to figure out what was supposedly kept secret from us.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  4. I'm only surprised they bothered admitting it. by Narcocide · · Score: 2

    It was transparently obvious to the rest of us that Yahoo had been breached long before 2014. Empirical evidence of the sheer rate and volume of account compromises (especially re-compromises) over the years compared to other similar services left little else as a plausible explanation. The worst possible news here for Yahoo is that they might be telling the truth and it really took them all the way until 2014 to notice themselves.

  5. State-sponsored most likely the US government by Anonymous Coward · · Score: 1

    Wow, it sounds like the state-sponsored attack must have been the US government.

    Can you imagine Yahoo employees keeping their mouths shut for that long if it was a Russian/Chinese/Indian/Iranian-sponsored attack? Or for that matter, even if the evidence wasn't solid, engage in wild speculation? See the recent allegation of Russian support for Trump broadcast as fact despite the lack of any hard evidence.

    We know from the Snowden revelations that in addition to secret courts rubber stamping secret requests; plus active cooperation by most IT companies in creating automated systems to deal with the volumes of requests; that the NSA were nonetheless actively and covertly attacking major IT companies such that even Google/Yahoo/Facebook etc have all started encrypting internal network links over the past few years.

  6. Twist ending! by Narcocide · · Score: 1

    The state that sponsored the attack was their own.

  7. Re:State-sponsored actor by Big+Hairy+Ian · · Score: 1

    Let me guess, it's gonna be Russkis again, isn't it?

    Nah I blame Mickey Rooney

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  8. ROUGE ENGINEER! by michaelcole · · Score: 1

    ROUGE ENGINEER strikes again!

  9. Re:Hahaha quit cryin loser! by haruchai · · Score: 2

    "Man who broke England's bank" - you don't have a clue. Read & learn

    http://www.investopedia.com/as...

    --
    Pain is merely failure leaving the body
  10. Re:Will Obumbles pardon Crooked Liar Hillary! by haruchai · · Score: 1

    Yes, She Can

    "nor shall be compelled in any criminal case to be a witness against himsel"

    --
    Pain is merely failure leaving the body
  11. Re:Ethics by justthinkit · · Score: 1

    The public knew about it on or before January 30, 2014.

    --
    I come here for the love