Data breach breadth larger than initially expected

Sep 27, 2016 19:05 GMT  ·  By

Several US senators are calling on Yahoo to reveal more details about how the company handled the data breach it announced last week, during which an unknown "state-sponsored actor" stole 500 million user records.

The Yahoo announcement managed to annoy plenty of people who found it unacceptable for a company of Yahoo's stature to take two years to discover such a massive data breach.

Yahoo might be the subject of a SEC investigation

According to TechCrunch, last Friday, on September 23, a day after Yahoo's announced its data breach, US Senator Mark Warner from Virginia sent a letter to the US Securities and Exchange Commission (SEC), asking it to investigate the way Yahoo disclosed the breach, both to Verizon and its users.

Senator Warner claims that Yahoo and its CEO, Marissa Mayer, knew of the breach, or at least suspected it, since July, when they received tips about Yahoo user data being exchanged on the Dark Web.

The Senator is almost certain that Yahoo hid this information from Verizon, a company which later bought most of Yahoo's assets for $4.8 billion in late July.

US senators are asking Mayer for more details about the breach

Also today, a Reuters reporter obtained a copy of a letter sent by six US Democratic senators to Mayer herself, asking her point blank questions about the way she and the company handled the incident.

The senators asked Mayer for a timeline of events, why did it take two years to detect the hack, and why the company waited two months before alerting customers.

While US senators are legitimately worried for how the breach impacts the daily lives of regular Americans, the breach may be more wide-reaching than initially considered.

Yahoo breach affects more than Yahoo! users

Security researchers from Bitcrack Cyber Security conducted a scan of custom domains that used Yahoo's business service to run their email server on Yahoo's infrastructure. The service is similar to how Google allows companies to run their own email service on top of the Gmail infrastructure.

The researchers found 572,162 web domains that used Yahoo's infrastructure as their email server, meaning they were running a custom Yahoo Mail service for their company's internal email. Most of these web domains belonged to US companies, researchers said.

"It is clear, that with the stolen login information, attackers have had 2 years to not only get into @yahoo.com accounts but also a vast array of domains belonging to other companies and organizations," said Dimitri Fousekis, Bitcrack Cyber Security CTO. "Clearly, a major impact for people and companies  - the impact of which may only be realized much later on."

His company has launched a free web service that allows users to test if their work-related non-Yahoo.com email address uses Yahoo's enterprise email service backend.

Number of domains using Yahoo Mail as their email service
Number of domains using Yahoo Mail as their email service

Photo Gallery (2 Images)

US senators start probing Yahoo over recent data breach
Number of domains using Yahoo Mail as their email service
Open gallery