The biggest data breach in recent times and the one that had all the eyeballs rolling was that of Yahoo. The massive 2014 data breach credentials was carried out by an Eastern European criminal gang, not a state-sponsored group as Yahoo claims, a cybersecurity firm has said.
The hackers, known as “Group E”, sold the stolen Yahoo data to at least three clients, including one state-sponsored actor. While Yahoo said it believes a nation-state actor was behind the breach, but did not provide any technical evidence.
Arizona-based security firm, InfoArmor, said in a report-“Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations. The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur.”
The firm has not specified how it obtained access to the database or why Yahoo did not reveal the scope of the breach for almost two years.
According to InfoArmor chief intelligence officer Andrew Komarov, the hackers were also previously linked to other high-profile breaches at other websites including LinkedIn, Tumblr and MySpace.