The Biggest Hack of 2016 – and of All Time
Thu 5 Jan 2017
2016 will go down in many people’s memories as a fairly unpredictable one. It was the year in which pollsters failed to spot the signs leading up to Brexit, were caught out on the US Presidency and was plagued by a slew of celebrity deaths. However, 2016 also holds the dubious honour for being the year that hosted the biggest hack of all time. Its victim? None other than the Yahoo group.
From 2013 to 2016
It doesn’t matter that the breach actually took place in 2013, when it was discovered that around 1 billion user accounts had been compromised, containing details such as usernames, security questions and passwords – because it’s the upshot of that hack – three years later – that makes it so significant.
The hackers behind the heist, who have become known as ‘Group E’ have reportedly sold the entire database of 1 billion accounts on the Dark Web, to three separate buyers, at approximately £300,000 per sale. In addition to the hundreds of millions of everyday users that have been compromised, it has been further revealed that an intercepted copy of the database shows that certain accounts have a bearing on America’s national security, containing accounts pertaining to the White House, the FBI, military officials and the National Security Agency.
A Foreign Intelligence Agency?
Security staff monitoring the Dark Web also suspect that two of the buyers were spammers. However, speculation suggests that the third buyer in the equation was someone from a foreign intelligence agency; discussion between the hackers and this third party involve the buyer requesting a list of 10 US and foreign government officials as confirmation of authenticity, in advance of the sale.
It would appear that Yahoo’s decision to subsequently enforce password and security question changes has had a small effect on the hackers’ plans. While the information is still for sale on the Dark Web, the price-tag for the entire database has dropped from £300,000 to a considerably-smaller £20,000.
Despite this, we are mere days into 2017 and the threat posed by hackers and cybercriminals has already leveled-up.
Comments are closed.