Yahoo recently disclosed that a massive data breach, which occurred back in 2014, affected up to 500 million of its users. The company said it suspects that the breach was state-sponsored. Forensic teams are now looking at the usual suspects which include countries such as Russia and China. However, there is no proof available to implicate any of these nations.
While Yahoo has tried to deflect attention from its inability to avert the breach, various experts have questioned the company's claim.
The Guardian quoted Constant Karagiannis, chief technology officer of Security Consulting at BT Americas saying that Yahoo attack "doesn't fit the normal intent or objectives of nation-state attacks." She further stated that blaming a state may be "less embarrassing for Yahoo."
Yahoo has said that it is collaborating with the FBI to investigate the incident. The Financial Times stated that technology companies usually do not implicate governments in instances of data breach. The most prominent exception was made by Google in 2010 when it was the victim of Operation Aurora. Google claimed the attacks originated in China. The incident led to the breakup of the fragile relationship between China and Google.
However, some experts are willing to give Yahoo the benefit of the doubt. Speaking to The Guardian, Kenneth Geers, a senior research scientist with Comodo, said that Yahoo is a major global internet player, which makes the company an attractive target for hackers.