Yahoo's Billion-User Database Reportedly Sold On the Dark Web for Just $300,000 - NYT

An anonymous reader writes: As if 2016 wasn't shitty enough for Yahoo -- which admitted to two separate breaches that saw 500 million users' and then 1 billion users' details stolen by hackers -- the New York Times reports that a billion-user database was sold on the Dark Web last August for $300,000. That's according to Andrew Komarov, chief intelligence office at security firm InfoArmor. He told NYT that three buyers, including two prominent spammers and another who might be involved in espionage tactics purchased the entire database at the aforementioned price from a hacker group believed to based in Eastern Europe. It's lovely to know that it only costs $300,000 to be able to threaten a billion people's online existence -- which means each account is only worth $0.0003 to hackers who can ruin your life online in a matter of minutes. Yahoo also doesn't yet know who made off with all the data from the attack in 2013, which is said to be the largest breach of any company ever.

Good Job Yahoo

[bfpierce]

Might be the most profitable thing you've done in a decade or more!

Re:Ruin your life?

Are you kidding me? If someone knew I had a Yahoo account, I'd have to jump off a bridge from embarrassment.

Re:Hmm

[gnick]

Even if I had a Yahoo account, I can't imaging using it for anything that would "ruin my life." It's Yahoo, not Ashley-Madison.

300k for a billion addresses? Pah!

[Opportunist]

Just wait 'til they sell the trillion mail addresses at mailinator!

Re:Ruin your life?

Are you kidding me? If someone knew I had a Yahoo account, I'd have to jump off a bridge from embarrassment.

Sent from my AOL account.

Re:Just received this from Yahoo! yesterday

[fisted]

hashed passwords

Nice! I honestly was expecting plaintext passwords. But hashed! Companies are learning!

(using MD5)

Oh, wait.

the stolen information did not include passwords in clear text

ayy, until you google the hash.