The US Department of Justice has charged Russian spies for alleged involvement in the 2014 Yahoo hack.
Two officers of the Russian Federal Security Service (FSB) and two of their “criminal conspirators” were indicted by the government department for accessing Yahoo’s computer systems and compromising millions of accounts.
In an announcement the DoJ said the four individuals were wanted for “computer hacking, economic espionage and other criminal offenses in connection with a conspiracy”. The alleged criminal offences started in January 2014 and relate to Yahoo’s network and the contents of webmail accounts.
The DoJ names the defendants as Dmitry Aleksandrovich Dokuchaev, 33; Igor Anatolyevich Sushchin, 43; Alexsey Alexseyevich Belan, aka “Magg,” 29; and Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22. All are Russian nationals and residents, except “Kay” who is a Canadian and Kazakh national, and a resident of Canada.
The DoJ says the four accused accessed Yahoo’s systems and stole details of 500 million accounts and used this information to access email accounts of other providers, such as Google. Russian journalists, US and Russian government officials and the employees of unnamed financial and transportation companies had their details accessed.
“One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign,” the DoJ said.
The hack was one of two publicly disclosed attacks against Yahoo. The individuals are not believed to be linked to the 2013 hack in which one billion accounts were compromised.
Customers of Sky and BT have been told to change their email account passwords after Yahoo admitted being hit by a cyber attack.
The search giant has admitted it was hit by a massive attack in 2014 when 500 million accounts were hit. The data breach is believed to be the biggest taking of user account details of all times.
Now, customers of both the internet service providers were told to update their passwords – as Yahoo provides email services through their accounts.
Sky.com email account holders were told to change passwords in a statement posted online. Similarly, some BT email accounts also were powered by Yahoo.
“BT is currently investigating the Yahoo data breach,” it said in a statement. “As a precaution for the minority of our customers who use Yahoo mail, we are advising those who haven’t changed their passwords post-December 2014 to change them .”
The data breach happened in 2014 and is likely to have been conducted in an attack orchestrated by a state-sponsored organisation, the firm said in a statement.
“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” the company wrote.
An investigation by the company says that a state-sponsored actor is no longer in the company’s network and it is working with law enforcement officials to try and resolve the issue.
“The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected.”
Customers are told to “to review their online accounts for suspicious activity and to change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account”. And, in security advice that applies at all times, it advises its users to not click on any unknown links or suspicious attachments.
Before the company admitted the breach it was reported a “massive” data breach of its main service, had happened by Recode.
Recode cited several anonymous sources close to the situation, who explained the gravity of the hack. In addition, it said there are likely to be government investigations and legal action related to the breach.
Earlier this summer, Yahoo was investigating another data breach in which hackers claimed to have access to 200 million user accounts, details of which would be sold online. One of Recode’s sources described this recent hack as “worse” than that.
The alleged hacker involved with the Yahoo case in August was reportedly advertising the account information of 200 million Yahoo users on the dark web for just over $1,800 (£1,390). The hacker, known as Peace, had previously sold data dumps of MySpace and LinkedIn users.
When Motherboard contacted Yahoo about the data release in August, a spokesperson told the website: “We are aware of a claim,” and said it was investigating the information.
Yahoo’s CEO Marissa Mayer is about to close a deal with Verizon Communications Inc to acquire the internet firm for $4.8 billion (£3.6 billion). Yahoo still draws in one billion monthly users for its mail services and news and sports content.