02 Dec How it really happened : NINJIO Season 1, Episode 12, Yahoo! breach
In this Episode, a large business acquisition is underway between Horizon and Wahoo. During the middle of the acquisition, news broke that over half-a-billion credentials were breached from Wahoo. The CEO of Horizon learned about the breach via the NINJIO News Network (NNN) and not from the CEO of Wahoo himself, which caused a major uproar and is putting the acquisition at risk.
We learn that the source of the breach was a “watering hole” attack.
One of the biggest data breaches to date was a recent Yahoo attack that exposed an estimated 500 million accounts. The company claims it was a government sponsored attack, and the FBI is currently investigating.
Yahoo allegedly knew of the breach prior to announcing it to its users. Some experts think it was hidden during Verizon buyout negotiations, but the announcement of the attack has led to re-negotiation proceeding between Yahoo and Verizon.
It’s common for hackers to target employees in an effort to gain access to internal data and accounts. Hackers use phishing emails with fake software update popups. Employees install these fake updates and leave their computers open for eavesdropping and remote control.
Hackers target groups of people within an organization in an attempt to gain access to data. They also use malware embedded in what looks like legitimate software.