Late yesterday Yahoo disclosed that the company was breached in August 2013, with a billion customer accounts compromised. This incident is said to be distinct from the breach disclosed in September of this year that affected 500 million customers. “The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said.
The company doesn't know how the breach was accomplished, but thinks the culprits were "state-sponsored." Who the sponsoring state might be remains unspecified, but Yahoo says it's the same one responsible for the breach disclosed earlier. Other observers who've looked into the matter (notably InfoArmor) take issue with that conclusion, saying the breaches look like the work of criminals, albeit criminals who may have had nation-states among their customers. Yahoo! says it's working with appropriate law enforcement agencies, and that it's notifying affected customers. Observers expect this latest breach disclosure to affect Verizon's planned acquisition of Yahoo's core assets.
The ShadowBrokers, who've been trying with small success to auction Equation Group code are changing their sales model, now offering it for retail. They chew syllables in improbable broken-English with Motherboard, explaining (sort of) "TheShadowBrokers is giving 'responsible parties' opportunity to making things right.”
Microsoft reports finding "FinFisher-like" spyware in APTs on European and Turkish systems.
US investigation of Russian election hacking continues. Homeland Security says the vote wasn't manipulated, but that's consistent with doxing to influence public opinion.