Tag: yahoo

Yahoo being investigated for handling of data breaches

Marissa-Mayer-webex-ART-OLD-SITE (1)The troubled search engine outfit Yahoo is being investigated by Inspector Knacker of the US yard and financial regulators over its handling of two huge data breaches.

Yahoo was hacked in 2014 and huge amounts of personal data was stolen. Yahoo, which was a little concerned about more publicity failed to make the news public.

Now the FBI is looking into whether Yahoo’s two massive data breaches should have been reported sooner to investors. If Yahoo faces any fall-out from the case then it could be a major test in defining when a company is required to disclose a hack.

For those who came in late, the first data breach in 2013 that involved more than one billion users’ accounts. The second was in 2014, an intrusion which involved about 500 million accounts. SEC has requested documents from Yahoo.

The agency has been considering a model case for cybersecurity rules it issued in 2011. Yahoo has said that it was cooperating with the SEC, Federal Trade Commission and other federal, state, and foreign governmental officials and agencies including “several State Attorneys General, and the U.S. Attorney’s office for the Southern District of New York”.

When Yahoo reported the 2014 breach, it said that evidence linked it to a state-sponsored attacker. It has not announced a suspected responsibility for the larger 2013 intrusion, but the company has said it does not believe the two breaches are linked.

 

Yahoo gone, Mayer to quit

Marissa-Mayer-webex-ART-OLD-SITE (1)Yahoo is to rename itself Altaba and Chief Executive Officer Marissa Mayer will quit after the closing of its deal with Verizon.

Yahoo has a deal to sell its core internet business, which includes its digital advertising, email and media assets, to Verizon for $4.83 billion.

Five other Yahoo directors would also clean out their desks after the deal closes, Yahoo told regulators. The new company also named Eric Brandt chairman of the board.

The remaining directors will govern Altaba, a holding company whose primary assets will be a 15 percent stake in Chinese e-commerce company Alibaba and 35.5 percent stake in Yahoo Japan.

The terms of that deal could be amended – or the transaction may even be called off – after Yahoo last year disclosed two separate data breaches; one involving some 500 million customer accounts and the second involving over a billion.

Verizon executives have said that while they see a strong strategic fit with Yahoo, they are still investigating the data breaches.

 

Verizon getting cold feet about Yahoo

coldfeet191115Telco Verizon, which was thinking about buying the troubled search engine outfit Yahoo, is getting cold feet.

The deal was all set to go through and then Yahoo was hit by a couple of security scandals including a suppressed data leak which stripped value from the company.

Marni Walden, president of product innovation and new businesses, who is a senior executive of Verizon said that she could not sit “sit here today and say with confidence one way or another because we still don’t know.”

If it wants to get out of the deal, Verizon likely will have to show the overall value of Yahoo has declined as a result of the two hacking disclosures.

“I have to have certain facts in order to be able to make a decision. There’s a lot of stuff we don’t know.”

If only there was a good search engine where you could look up the information you need on that Internet thingee.

Yahoo hacked again

13.-Hacker-1-696x464Yahoo has said that it was hacked again and data from more than a billion user accounts was nicked.

Apparently the attack happened in August 2013, making it the largest breach in history and we just found out about it.

The number of affected accounts was double the number implicated in a 2014 breach that the internet company disclosed in September and blamed on hackers working on behalf of a government. News of that attack, which affected at least 500 million accounts, prompted Verizon Communication Inc to say in October that it might withdraw from an agreement to buy Yahoo’s core internet business for $4.83 billion.

Verizon said about the latest attack that it would be reviewing the impact of this new development before reaching any final conclusions.

A Yahoo spokesman said the company has been in communication with Verizon during its investigation into the breach and that it is confident the incident will not affect the pending acquisition.

A spokesYahoo added it believes hackers responsible for the previous breach had also accessed the company’s proprietary code to learn how to forge “cookies” that would allow hackers to access an account without a password.

However some analysts have said that the company has screwed up and was found not to have been taking security seriously enough.

Yahoo said it had not yet identified the intrusion that led to the massive data theft and noted that payment-card data and bank account information were not stored in the system the company believes was affected.

Yahoo said it discovered the breach while reviewing data provided to the company by law enforcement. FireEye Inc’s Mandiant unit and Aon Plc’s Stroz Friedberg are assisting in the investigation, the Yahoo spokesman told Reuters.

 

Big Tech reacts in horror to Yahoo’s spying story

A shocked Baby (2)_fullAfter the news got out that Yahoo has been scanning its mail systems for the US spooks, the bigger US ISPs have reacted in horror and said they would never dream of such a thing.

Apple, Facebook, Google, Microsoft, and Twitter have all said they would never do such a thing.

According to Reuters, Yahoo built in 2015, at the US  government’s request, software that scans literally all emails for certain information provided by either the National Security Agency or the FBI. The software was never mentioned in Yahoo’s biannual transparency report. In the latter half of 2015, the company received 4,460 total government data requests, for 9,373 accounts, that it would classify as “Government Data Requests,” a category that includes National Security Letters from the FBI and Foreign Intelligence Surveillance Act requests.

According to the Reuters report, the Yahoo programme was known to only a handful of employees.

A Facebook representative said “Facebook has never received a request like the one described in these news reports from any government, and if we did we would fight it.”

Google said the same: “We’ve never received such a request, but if we did, our response would be simple: ‘no way.’”

A Microsoft spokesperson added: “We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo.”

A representative for Twitter replied that: “We’ve never received a request like this, and were we to receive it we’d challenge it in a court. Separately, while federal law prohibits companies from being able to share information about certain types of national security related requests, we are currently suing the Justice Department for the ability to disclose more information about government requests.”

While Apple declined to give a statement on the record it has previously said it would never do anything like that.

Yahoo is coming out looking like the bad guy. It is in talks to be acquired by Verizon, but also facing another scandal for suffering the largest known user data leak in history, with 500 million users’ information exposed. However it failed to mention it to its users.

Yahoo called out on “state sponsored hack”

13.-Hacker-1-696x464Troubled search outfit Yahoo has been called out over its claim that it was the victim of a state sponsored hacker in 2014.

Yahoo got into all sorts of hot water after it was revealed that it had been hacked a while ago and forgot to tell anyone It appeared to make matters worse by implying that it was not a regular common garden hack that bought its security to its knees but one of those government hacks which are impossible to stop.

According to InfoArmor, which claims to have some of the stolen information the hack was carried out by a bunch of hackers whose main clients are spammers.  “Group E,” a team of five professional hackers believed to be from Eastern Europe and are not backed by any government at all.

Andrew Komarov, InfoArmor’s chief intelligence officer claimed that Group E was behind high-profile breaches at LinkedIn, Dropbox and Tumblr. To sell that information, the team has used other hackers, such as Tessa88 and peace_of_mind, to offer the stolen goods on the digital black market.

“The group is really unique,” Komarov said. “They’re responsible for the largest hacks in history, in term of users affected.”

InfoArmor’s claims dispute Yahoo’s contention that a “state-sponsored actor” was behind the data breach, in which information from 500 million user accounts was stolen. Some security experts have been skeptical of Yahoo’s claim and wonder why the company isn’t offering more details.

The database that InfoArmor has contains only “millions” of accounts, but it includes the users’ login IDs, hashed passwords, mobile phone numbers and zip codes, Komarov said.

The security firm says it obtained the data from “operative sources” about a week ago and has verified that the account information is real. Komarov wouldn’t say more about how InfoArmor got the data.

Group E has sold the stolen Yahoo database in three private deals, Komarov said. At one point, the Yahoo database was sold for at least $300,000, he said. His firm has been monitoring the group’s activities for more than three years.

 

Yahoo’s hack spinning is not working

ElderlyspinneraTroubled search engine outfit Yahoo is getting itself deeper and deeper into hot water over the hacking scandal.

For those who came in late, Yahoo suffered a major hack which effected 500 million users, however for some reason it forgot to tell people about it for years.

The outfit’s latest trick is to claim that its massive data breach on a “state-sponsored actor” however it has not explained how it arrived at that conclusion. Nor has it provided any evidence.

Security analysts think that Yahoo is not telling the full truth about the hack.. The company has protocols in place that can detect state-sponsored hacking into user accounts. In a December 2015 blog post, the company outlined its policy, saying it will warn users when this is suspected.

Yahoo blaming foreigners is pure spin. There is a perception that while companies can handle ordinary hackers it is unfair to expect them to be able to take on “state hackers.”

In fact, it is pretty likely it was your run-of-the-mill common-garden hacker who took down Yahoo.

National spooks are more interested in state secrets they don’t really care about emails and passwords from a Yahoo account.”

What is also likely is that Yahoo is not talking about the hack because Verizon has agreed to pay $4.8 billion to buy Yahoo.  Verizon might be less keen on buying the company if it knows it has to fork out to buy a mess to clean it up.

Yahoo said it only recently learned of the data breach. But the hack actually occurred back in late 2014 — meaning the perpetrators had two years to secretly exploit the data.  This has got them in trouble with the US government who feels they should have declared it sooner.

Yahoo suffers major hack

59cbc5d3dbfa46a01d5469bd0fbdd1e7Troubled search engine Yahoo has confirmed a large-scale data breach in which 500 million accounts were turned over in a state-sponsored hack.

Users’ “names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers” may have all be acquired in the breach.

A spokesYahoo said: “Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network. Yahoo is working closely with law enforcement on this matter.”

Yahoo said it would notify users who may have been affected and urged those who had not changed their Yahoo passwords since 2014 to do so.

The company also noted that they believed “unprotected passwords, payment card data, or bank account information; payment card data and bank account information” were not compromised in the hack.

Yahoo has previously had several issues with hackers and data breaches.

In 2015, hackers  hijacked Yahoo’s ad network for a week, spreading malware via advertisements to millions of users.

In 2012, users sued Yahoo over a breach in which passwords from 450,000 accounts were stolen.

Twitter results disappoint Wall Street

Wall Street is very disappointed with TwTwitteritter and is talking about the outfit being sold or at very least its CEO Jack Dorsey being forced to walk the plank.

Twitter announced second quarter earnings that missed estimates and the company provided a  lower than expected outlook.

Its share price fell almost 15 percent and Twitter shares are down 50 percent since Dorsey returned last summer to the helm of the social media company he co-founded.

In fact Twitter continues to show almost no growth in its user base of a little over 300 million and its  advertising revenues are softer than a baby’s bottom.

The company cut its forward revenue estimate for the next quarter to $590 million- $610 million, while analysts had been expecting $681 million.

At a market cap of about $11 billon, compared with more than $40 billion at its peak, Twitter could now be a more attractive takeover target.

Verizon, which owns AOL, this week said it would buy Yahoo for $4.8 billion. Google, Disney and Apple have also been mentioned as possible acquirers of Twitter.

Twitter surged briefly earlier this month after Microsoft announced its acquisition of LinkedIn, as investors hoped for a similar deal for Twitter, but it seemed that Vole was not going to be that silly.

 

Verizon buys Yahoo

marissa_new4Verizon has announced it is buying most of what people think is Yahoo for $5 billion.

The deal will end months of uncertainty about Yahoo’s future after the company announced plans to review strategic alternatives in February. Bloomberg first reported the deal would be announced on Monday for $4.8 billion which was pretty close.

The transaction would boost Verizon’s AOL internet business, which the company acquired last year for $4.4 billion, by giving it access to Yahoo’s advertising technology tools, as well as other assets such as search, mail, messenger and real estate.

It would also mark the end of Yahoo as an operating company, leaving it only as the owner of a 35.5 percent stake in Yahoo Japan, as well as its 15 percent interest in Chinese e-commerce company Alibaba.

Started in 1994 by Stanford graduate students Jerry Yang and David Filo, Yahoo in its early years was the destination of choice for many making their first forays onto the World Wide Web.

By 2008, Yahoo was fending off a contentious takeover bid from Microsoft and struggling to define its mission.

In December, Yahoo scrapped plans to spin off its Alibaba stake after investors fretted over whether that transaction could have been carried out on a tax-free basis. It instead decided to explore a sale of its core assets, spurred on by activist hedge fund Starboard Value LP.

More details are expected to be announced today.