The hack also surprised Verizon, which recently agreed to acquire Yahoo. "They (Yahoo) were probably trying to find the best way to break this info to the press." "This is probably the worst thing that could have happened," said Brad Bussie, director of product management at Stealthbits Technologies. Why it took so long for Yahoo to find out and inform the public wasn't clear from the company's statement on the breach. Security experts like Holden have noted that some people rely on Yahoo email for work purposes, putting corporate information potentially at risk. "Yahoo was once the number one email provider."Īccording to Yahoo, the breach disclosed on Thursday involved data taken from late 2014 - meaning hackers had two years to secretly capitalize on what they stole. "The Yahoo data breach will have a much bigger impact than almost any other breach that I can speak of," Holden said.
Still, Alex Holden, CIO at security firm Hold Security, wonders how many hackers are in possession of the company's stolen database. The company hasn't said if the two incidents are connected.
In August, an anonymous hacker was found selling a database with login details on 200 million Yahoo accounts. Prior to Thursday's confirmed breach, Yahoo had already been investigating another leak. "They couldn't just come in and take the grand piano." "The hackers probably attacked slowly, and quietly, without anyone watching," Kremez said. Stealing data on 500 million accounts is usually no easy task, he added. Security researchers have critiqued the gang's ransomware as suffering from " amateur coding practices," being "unprofessional" and " mediocre.Blaming it on a state-sponsored actor, however, indicates that Yahoo may have found evidence that the hackers were targeting the company over a long period of time, said Vitali Kremez, a cybercrime analyst at security firm Flashpoint. police certainly aren't alone in being victimized by this hacker collective, the fact that they got hit doesn't speak well to their cybersecurity practices. The group has reportedly made demands of between $60,000 and $85,000 to be paid in Bitcoin in the past. But the group has already gotten a reputation for being "big game hunters" - specifically targeting major businesses and institutions with the goal of scoring significant paydays. The Baduk gang is pretty new to the ransomware game, according to Bleeping Computer and other security researchers who track these developments. (Also, hey, maybe that information should be publicly available to begin with?) The public gaining access to the disciplinary records of the police roaming their streets could be potentially explosive. And then there's whatever fallout may come from the files being leaked. Doing that would not only blow up any covert operation that the police are carrying out, but would also likely put the lives of the undercover agents at risk. area and tell them the identities of police informants. If the police fail to do so, the hackers are threatening to contact local gangs and criminal operations in the D.C.
In a statement on their site, the hackers said they are giving the police three days to respond. However, they are making some pretty serious threats about what their next steps will be if their demands are not met. The hackers are asking for payment in order to go away, though it's not clear just how much money they are demanding. The data hosted on the hacking gang's website is accompanied by some messages in broken English that lay out their demands to the D.C. area, disciplinary files on MPD officers, and information on law enforcement's response to the Jan. In those files, the hackers claim, is intelligence on gang activity in the D.C. They claim to have snagged more than 250 GB of unencrypted files belonging to the law enforcement agency. On their "leak site," a database of the gang's hacks that is hosted on the dark web, the hackers published screenshots of some of the data that they were able to access and extract from the police. Word of the breach was first made public by the hackers, who are part of the Babuk Locker ransomware gang, on Monday. On Monday evening, the law enforcement agency confirmed that hackers successfully stole thousands of sensitive internal documents from the department and were holding them ransom, according to a report from Bleeping Computer. police appear to not even be able to defend themselves. Earlier this year, the Metropolitan Police Department in Washington, D.C., came under fire when they and the Capitol Police were unable to protect the seat of American government from insurrectionists.
0 kommentar(er)
