San Francisco - Yahoo! accounts were hacked in 2014 by cybercriminals rather than a state-sponsored party as the web portal claimed, according to an official with InfoArmor, a security company.
Hackers-for-hire using pseudonyms who are well known in the underground community broke into Yahoo’s data, said Andrew Komarov, chief intelligence officer with InfoArmor.
Yahoo said last week the attacker was a “state-sponsored actor,” and the stolen information from at least 500 million users may have included names, e-mail addresses, phone numbers, and, in some cases, un-encrypted security questions and answers.
“Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organisations,” Scottsdale, Arizona-based InfoArmor said Wednesday in a report.
“The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur.”
While Yahoo had pointed to a state actor when it disclosed the hack last week, the link to a nation state wasn’t iron-clad, two people familiar with the company investigation told Bloomberg News at that time.
Yahoo hasn’t yet released the evidence on which it based the link to a nation state. The company last week said the investigation is continuing.
Yahoo Chief Executive Officer Marissa Mayer is grappling with news of the hack as she prepares for a planned $4.8bn acquisition by Verizon Communications that’s set to close by early next year.
The report that the hack wasn’t state-sponsored doesn’t change Verizon’s initial position that it’s still evaluating the potential effect on the deal, according to a person familiar with the situation.
Yahoo declined to comment on the InfoArmor report.
Komarov said the group responsible for the breach at Yahoo had carried out hacks before 2014. One of the clients for the hacker group’s data before the Yahoo breach was a state-sponsored party, he said.