Yahoo already knew about state hackers who broke into networks in 2014

Yahoo already knew in 2014 that state hackers had penetrated their network. The company was just not aware at the time that this was the hack that looted the 500 million accounts. The company only found out this year after the data began to appear online.

Yahoo says in a regulatory filing that it could not verify whether the claims of the hacker who claimed to have the Yahoo data in July were correct. After the company had not found any traces of digital intrusion during the period in question, it started looking more closely at, among other things, the state hack of 2014. The company had already discovered it that same year, but did not disclose it. That incident turned out to be the source of the shipment of leaked user data in the course of the investigation. Recode discovered the papers, which the company filed on the day of the US presidential election.

In September, Yahoo announced that it had been hacked and that about half a billion user accounts had been stolen. This concerns usernames, passwords, telephone numbers, e-mail addresses and dates of birth. According to the company, the passwords were stored encrypted, most of them with bcrypt. Payment details, such as credit cards, would not have been stolen. Yahoo speaks of a “state-sponsored party”, but makes no statements about which state that would be.

Yahoo also reports that 23 lawsuits are pending against the company at the state and federal levels. While Yahoo tries to get a handle on the matter and understand how much it costs, the company is also working with Verizon to arrange the transition of its Internet operations to that company. In July, it was also announced that the American telco wants to buy it from Yahoo for 4.4 billion euros.

It was also recently revealed that Yahoo cooperated with large-scale requests from the NSA and FBI to examine incoming emails for certain content. This case is also still under development.