German Cyber Agency Chides Yahoo for Not Helping Hacking Probe
The U.S. Justice Department in March charged two Russian intelligence agents and two hackers for masterminding the 2014 theft of 500 million Yahoo accounts.
Data breach victims can sue Yahoo in the United States - judge (Image: Reuters)
Germany's federal cyber agency said on Thursday that Yahoo Inc had not cooperated with its investigation into a series of hacks that compromised more than one billion of the U.S. company's email users between 2013 and 2016.
Yahoo's Dublin-based Europe, Middle East and Africa unit "refused to give the BSI any information and referred all questions to the Irish Data Protection Commission, without, however, giving it the authority to provide information to the BSI," Germany's BSI computer security agency said.
A BSI spokesman said it decided to go public after Yahoo repeatedly failed to respond to efforts to look into the data breaches and garner lessons to prevent similar lapses. BSI also urged internationally active Internet service providers to work more closely with it when German customers were affected by cyber-attacks and other computer security issues.
Yahoo did not respond to requests for comment, while Ireland's data protection agency was not immediately available.
The BSI's statement comes at a time of heightened German government concerns about Russian meddling in national elections in September, after cyber-attacks on the French and U.S. presidential elections which have been linked to Russia.
The U.S. Justice Department in March charged two Russian intelligence agents and two hackers with masterminding the 2014 theft of 500 million Yahoo accounts, marking the first time the U.S. government had criminally charged Russian spies for cyber offenses. While U.S. officials have charged Russian intelligence agents with involvement in at least one of the hacks that affected Yahoo.
Moscow has denied any involvement in hacking.
The BSI said it did not yet have any concrete information about the data breaches because of Yahoo's lack of cooperation.
"Users should, therefore, be very careful about which services they want to use in the future and to whom they entrust their data," BSI President Arne Schoenbohm said in a statement.
The BSI chief reiterated his recommendation that German consumers consider switching to other email service providers, adding that certifications such as those offered with C5-class cloud service security were valuable for customers.
C5 is a German government scheme to encourage cloud-based internet service providers to attest they use various safeguards against cyber-attacks.
Late last year Yahoo, which has agreed to be acquired by U.S. telecoms giant Verizon and is set to be merged with AOL to form a new business known as Oath, revealed a data breach dating back to 2013 of one billion user accounts.
The various disclosures led Verizon to cut the amount it was willing to pay for Yahoo by $350 million on its previously agreed $4.83 billion deal. Yahoo has said it expects the merger into Verizon to close in June.
BSI said an additional 32 million Yahoo users were affected by cyber breaches in 2015 and 2016. A spokesman for the agency said he was unaware of any additional breaches in 2017.
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Recommended For You
- Sonakshi Sinha Wishes 'Dabangg' Wives Happy Karva Chauth with New Film Poster
- 'Only Lionel Messi' Thread on Twitter Proves Why He is the Best in Football
- Facebook's Mark Zuckerberg is Defending Free Speech; Yes, You Read That Right
- Samsung Diwali Sale: Offers on Galaxy S9, Galaxy Note 9, Galaxy M10s and More
- Truecaller Makes a Big Privacy Pitch as Focus on Instant Messaging Intensifies