That means names, birth dates, phone numbers and passwords of users were disclosed. “Frankly, I don’t know how Yahoo got away with this,” said Jay Kaplan, a former Defense Department cybersecurity expert and senior analyst at the National Security Agency who is now the chief executive of the cybersecurity company Synack. A hacking collective based in Eastern Europe quietly began offering Yahoo’s information for sale. At least three buyers paid about $300,000 each for a complete copy of Yahoo’s stolen database. With the stolen data, fraudsters have a higher chance of gaining access to the victims’ bank accounts.
Yahoo was now combined with AOL, another faded web pioneer that Verizon bought in 2015, into a new division of the telecommunications company called Oath. Verizon said it would continue to work closely with law enforcement. In March, the Department of Justice charged four men, including two Russian intelligence officers, with the 2014 breach. “Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, Chief Information Security Officer, Verizon.