Rumors of several months' standing that Yahoo! had sustained a significant breach were confirmed yesterday afternoon when Yahoo! disclosed that user account information was stolen from its networks by what the company described as "a state-sponsored actor." The breach was discovered when the company began investigating dark web chatter that a large tranche of Yahoo! account credentials was being hawked by the criminal known as "Peace."
It turns out that the actual breach was far larger than anything claimed by Peace (and indeed whatever Peace has is probably unrelated to the compromise disclosed yesterday). More than 500 million customer accounts were copied and stolen in late 2014. The stolen data are not thought to contain any credit card or other financial information, but they do include passwords, security questions, and the like.
Yahoo!, which has been struggling in recent years, had apparently achieved what analysts characterized as a "soft landing" in its agreement to an acquisition of its core business by Verizon. That acquisition is now, as the Washington Post notes, under a "cloud." It may still go through, but the deal will certainly receive additional scrutiny. Verizon learned of the breach Tuesday.
Leading Congressional Democrats warn Russia against attempting to influence US elections.
Reuters reports that investigation into the Shadow Brokers' leak of apparent US NSA hacking tools is focused on the theory that an NSA operator inadvertently left the tools exposed on a server.
KrebsOnSecurity remains offline as we write. Akamai will no longer provide Krebs DDoS-resistant hosting.