2016 was a very difficult year for Yahoo that experienced two separate violations with 500 victims millions of users one and 1 billion users afterwards. Hackers who managed to steal details from 1 billion user accounts of the company, according to the New York Times, sold the Dark Web database last August for 300.000 dollars.
The information comes from Andrew Komarov, head of the intelligence office at security firm InfoArmor. The researcher told the NYT that three buyers, including two prominent spammers and another who could be involved in regular operations espionageThey bought the entire database for $300.000 from a hacker group believed to be operating out of Eastern Europe.
The amount of $300.000 is considered humiliating, for a database containing a billion accounts. This means that buyers paid for each account 0,0003 cents on the dollar to hackers.
Please note that in addition to full names, passwords, dates of birth and phone numbers, the database contains security features and creationof backups to email addresses that could help in resetting forgotten passwords.
Of course these details can be used in phishing attacks that may have precise personal details, and target bank accounts, credit cards anything else you can imagine.
Komarov told Bloomberg that more than 150.000 accounts of the US government and military were found in the database, which means that hackers could threaten national security.
Yahoo, on the other hand, said it was unable to confirm Komarov's allegations yet. Meanwhile, the FBI said in a statement that it is investigating the violation.
It will be interesting to see what this revelation will bring to the future of Yahoo, which is preparing to be transferred to a new owner. Verizon up until the announcement of hack offered 4.8 billions to purchase the company.