Wednesday, October 5, 2016
Yahoo went through your emails for the U.S. government
Following Yahoo’s admission that state-sponsored hackers stole information from half a billion of its users, the floundering website really needed some good news. Unfortunately, today’s report is anything but good; in fact, it’s worse.
According to Reuters, Yahoo designed bespoke software designed to scan hundreds of millions of Yahoo Mail accounts at the instruction of the U.S. government. The report claims the software searched incoming messages in real-time for “specific information provided by U.S. intelligence officials,” including the NSA.
It’s unclear what information the software was looking for, or if anything of significance was discovered. What’s troubling is that Yahoo built a custom software program designed to secretly snoop on incoming emails—and apparently Yahoo CEO Marissa Mayer relented to the directive from U.S. intelligence officials without putting up a fight, a decision that led to the high-profile departure of Chief Information Security Officer Alex Stamos.
If true, the Reuters report flies in the face of a recent Yahoo transparency report that revealed less than 20,000 requests were made 2015 by the U.S. government. On the same page, a quote from Mayer says the company has worked hard to earn user trust and is committed to preserving it.
In addition to creating software to snoop on accounts, Reuters claims Mayer didn’t even involve Yahoo’s security team, which is why Stamos left the company for a position at Facebook.
Yahoo’s email engineers WERE ASKED to write a program to siphon off messages contain the character string the spies sought and store them for remote retrieval, according to sources.
The sources said the program was discovered by Yahoo’s security team in May 2015, within weeks of its installation. The security team initially thought hackers had broken in.
Reuters says the same demands may have been made to other companies, too, but it’s unclear if any complied.