Yahoo confirmed a couple of months ago that it was the victim of what it calls a “state-sponsored” cyberattack that left details of more than 500 million of its users compromised. This cyberattack actually took place back in 2014 and the company has been trying to piece it all together, it only disclosed the hack a few months ago and now Yahoo has admitted that some people inside the company were aware of this massive hack.
Yahoo revealed this in a filing with the SEC. The company said in the filing that an independent committee of its board of directors which is being advised by a forensic expert and independent counsel is now investigating the “scope of knowledge within the Company in 2014 and thereafter” regarding this hack, among other things.
The company hasn’t gone into much detail at this point in time but the fact that it has confirmed that this investigation is taking place, it admits that some inside the company know that such a big cyberattack had taken place.
The committee is also looking into the extent of this hack and it will try to figure out the limit to which users’ account information was accessed. Reports suggest that information stolen by the hackers includes email addresses, encrypted passwords, security questions and answers as well as telephone numbers.
Yahoo is also trying to establish whether the hackers were able to create cookies which would enable them to access user account data without even needing a password.