A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum.
The post claims the dataset is “private and non-Russian. ” The full list costs $100. A free sample of 50,000 accounts is reportedly offered to interested buyers as a test.
The advertisement appears on a dark web forum frequented by cybercriminals. The seller boasts an extensive database of Yahoo accounts, though the exact contents remain hidden behind a paywall.
The Alleged Data Leak
While the post does not specify whether passwords or other sensitive information are included, such leaks often contain usernames, hashed passwords, dates of birth, and backup email addresses.
These details can be exploited for phishing attacks, identity theft, or credential stuffing, a method where hackers use leaked credentials to access other accounts where users may have reused passwords.
Data breaches like this are not unprecedented for Yahoo. The company has faced several high-profile incidents in the past:
In 2014, Yahoo suffered a massive breach that exposed 500 million user accounts. The stolen data included names, email addresses, telephone numbers, and encrypted passwords.
Another breach in 2013 compromised over one billion accounts. This incident was later revealed to be distinct from the 2014 breach.
The current claim of 602,800 accounts sold could represent a new breach or recycled data from previous leaks.
Cybersecurity experts often warn that older datasets are sometimes repackaged and sold as new to unsuspecting buyers on dark web marketplaces.
If verified, this leak could have significant consequences for affected users:
- Credential Reuse Attacks: Many users reuse passwords across multiple platforms. If passwords are included in the dataset, attackers could gain unauthorized access to other services.
- Phishing Campaigns: Email addresses from such leaks are often targeted in phishing scams designed to steal further personal information or financial details.
- Identity Theft: Leaked personal information can be used to impersonate victims for financial fraud or other malicious activities.
Preventive Measures for Users
Yahoo users are strongly advised to take immediate action to secure their accounts:
Change Passwords: Update your Yahoo account password and ensure it is unique and strong. Avoid reusing passwords across different platforms.
Enable Two-Factor Authentication (2FA): Adding an extra layer of security can prevent unauthorized access even if credentials are compromised.
Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response and Threat Hunting – Register Here