The US Justice Department announced Wednesday that it was pressing charges against two Russian spies and two hackers for the cyberattack that exposed the user data of 500 million Yahoo user accounts in 2014. Here's what you need know.

Two Members Of The Russian Federal Security Agency Allegedly Hired Two Hackers To Obtain Data Of Interest

The indictment names two FSB agents — Igor Suschin and Dmitry Dokuchaev — who allegedly contracted criminal hackers to compromise Yahoo’s database, which included both US military officers and Russian journalists believed to be of interest to the FSB.

[The Verge]

One Of The Accused Apparently Stole And Used Credit Card Numbers

One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.

[US Justice Department]

The Four Men Face 47 Charges

The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and aggravated identity theft, the Justice Department said in a news release.

[The New York Times]

The Hack Potentially Exposed User Data From Wide-Ranging Sources

The compromised accounts may have affected more than just email. Breaking into a Yahoo account would give the hackers access to users’ activity on Flickr, Tumblr, fantasy sports and other Yahoo applications.

[The Washington Post]

Yahoo Reported A 2013 Data Breach This December, That Exposed The Data Of 1 Billion Users

It is still not known if the two are connected.

Yahoo was tentative in its description of new problems, saying the incident was "likely" distinct from the one it reported in September and that stolen information "may have included" names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

[Reuters]

Today, Yahoo Thanked The DOJ For Going After The Agents

The company did not go into detail about the measures it could have taken to prevent the hacks.

The indictment unequivocally shows the attacks on Yahoo were state-sponsored. We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible... We appreciate the FBI’s diligent investigative work and the DOJ’s decisive action to bring to justice those responsible for the crimes against Yahoo and its users. We’re committed to keeping our users and our platforms secure and will continue to engage with law enforcement to combat cybercrime.

[Yahoo]

Only one of the accused is in custody.



