US set to charge four hackers for Yahoo breaches

Three Russians are reportedly among four hackers US authorities believe to be linked to data breaches at Yahoo affecting more than a billion accounts

US authorities are reportedly preparing to charge four hackers in connection with Yahoo data breaches that exposed personal details linked to more than 1.5 billion accounts.

An arrest is expected in Canada soon, while the three other suspects are in Russia, according to a Bloomberg report citing an anonymous source.

The US does not have an extradition agreement with Russia and typically waits for suspected hackers to leave the country to carry out arrests.

In 2016, it was revealed that Yahoo was breached in 2013, compromising more than one billion user accounts, and again in 2014, which affected 500 million accounts.

It is not yet known if the four hackers are to be charged in connection with both of the breaches or just one. Yahoo previously said the 2014 data breach was the work of state-sponsored hackers.

When the breaches were uncovered, they threatened to derail the sale of Yahoo’s core business to Verizon, but ultimately resulted in a $350m reduction in the price to $4.48bn.

Under the new deal, Yahoo and Verizon will split the cost of government investigations and third-party litigation related to the data breaches, but Yahoo alone will be responsible for any liabilities arising from shareholder lawsuits and a Securities and Exchange Commission (SEC) investigation.

Yahoo’s data breaches also cost its top lawyer Ronald Bell his job and CEO Marissa Mayer millions in bonuses, highlighting the importance of executive involvement in cyber security and breach investigations.

An independent committee brought in to investigate the breaches concluded that the Yahoo management team failed to respond effectively to the breach discovered in 2014.

Read more about Yahoo

The committee’s report said although Yahoo’s security team had uncovered evidence that a hacker backed by an unnamed foreign government had breached user accounts in 2014, executives “failed to act sufficiently” and that the incident “was not properly investigated and analysed at the time”.

Yahoo’s most recent SEC filing revealed that 32 million user accounts have also been accessed over the past two years by state-sponsored hackers using forged cookies. Evidence of the intrusions was discovered by an external forensic team investigating the previously disclosed breaches.

Yahoo said it continues to co-operate with state and federal law enforcement authorities on inquiries into the breaches. The business cost of poor cyber security is further underlined by the fact that more than 40 lawsuits have been filed seeking damages for the breaches.

Read more on Hackers and cybercrime prevention