One mistaken click. That’s all it took for hackers aligned with the Russian state security service to gain access to Yahoo’s network and potentially the email messages and private information of as many as 500 million people.
The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are Russian spies.
Here’s how the FBI says they did it:
The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It’s unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.
To read this article in full or to leave a comment, please click here
Source: News Feed