Reyes Daniel Ruiz, a former Yahoo software engineer has acknowledged hacking accounts of approximately 6,000 users looking for sex photos and videos. The assumption came in court, where the former Yahoo confessed that he attacked accounts of women younger than him.
Among these women, were coworkers and personal friends. Access to hacking victims’ data was not only limited to Yahoo accounts, but through it, Ruiz gained access to Facebook, Gmail, iCloud and other cloud services, according to prosecutors. It is not mentioned in the news, but it was probably relatively simple thanks to the use of the same password throughout all these services by its users.
Released while awaiting sentencing
The sentence will be known on February 3. If convicted of computer intrusion, Reyes Daniel Ruiz can be sentenced to five years in prison. The seriousness of the case is that, in addition to hacking, Ruiz stored all the data obtained on a private computer. One of his bosses perceived suspicious activity, and he destroyed the hard drive and the computer.
Currently, Ruiz is free thanks to having accepted the conditions of an unsecured bond of $ 200,000. This means that if you do not meet the conditions, you will have to pay that amount. Additionally, if the sentence is considered guilty, Ruiz faces the aforementioned five years in prison and the payment of 250,000 euros.
Since the information breach that Yahoo suffered in its great hacking (one of the largest in history), trust in the company has not been restored. However, that an engineer can get hold of the passwords of 6,000 accounts of a large company is not trivial. The passwords in these services are usually stored encrypted and not in plain text, but it has not been disclosed what method the former employee used to access them.
Via | Court of Justice