2016 was a very difficult year for Yahoo which experienced two separate breaches with 500 million victims users one and 1 billion users afterwards. The hackers who managed to steal the details of 1 billion user accounts of the company, according to the New York Times, sold the database on the Dark Web last August for $300.000.
The information comes from Andrew Komarov, head of the information office at InfoArmor security company. The researcher told NYT that three buyers, including two prominent spammers and another who could participate in regular espionage actions, bought the whole database with 300.000 dollars from a group of hackers believed to be operating from Eastern Europe.
The amount of $300.000 is considered humiliating, for a database containing a billion accounts. This means that buyers paid for each account 0,0003 cents on the dollar to hackers.
Note that in addition to full names, passwords, birthdates and phone numbers, the database contains security and backup features in email addresses that could help reset your forgotten passwords.
Of course, these elements can be used in phishing attacks that may have accurate personal information, and are aimed at bank accounts, credit cards that you can imagine.
Komarov told Bloomberg ότι πάνω από 150.000 accounts of the US government and military were found in the database, meaning hackers could threaten national security.
Yahoo, on the other hand, said it was unable to confirm Komarov's allegations yet. Meanwhile, the FBI said in a statement that it is investigating the violation.
It will be interesting to see what this revelation will bring to the future of Yahoo, which is preparing to be transferred to a new owner. Verizon up until the announcement of hack offered 4.8 billions to purchase the company.