For those who came in late, Yahoo suffered a major hack which effected 500 million users, however for some reason it forgot to tell people about it for years.
The outfit’s latest trick is to claim that its massive data breach on a “state-sponsored actor” however it has not explained how it arrived at that conclusion. Nor has it provided any evidence.
Security analysts think that Yahoo is not telling the full truth about the hack.. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected.
Yahoo blaming foreigners is pure spin. There is a perception that while companies can handle ordinary hackers it is unfair to expect them to be able to take on “state hackers.”
In fact, it is pretty likely it was your run-of-the-mill common-garden hacker who took down Yahoo.
National spooks are more interested in state secrets they don’t really care about emails and passwords from a Yahoo account.”
What is also likely is that Yahoo is not talking about the hack because Verizon has agreed to pay $4.8 billion to buy Yahoo. Verizon might be less keen on buying the company if it knows it has to fork out to buy a mess to clean it up.
Yahoo said it only recently learned of the data breach. But the hack actually occurred back in late 2014 — meaning the perpetrators had two years to secretly exploit the data. This has got them in trouble with the US government who feels they should have declared it sooner.