In the security weeds? Yahoo won't yet comment. (credit: Neon Tommy)
In August, a dealer in stolen data who goes by the online moniker "Peace"—the person or persons who previously sold data from the accounts of MySpace and LinkedIn users—announced that the results of another "megabreach" were for sale. This time, it's the account information of 200 million Yahoo users. According to a report by Recode's Kara Swisher, Yahoo is preparing to confirm the four-year-old breach, potentially creating problems for the company's planned $4.8 billion acquisition by Verizon.
A previous examination of a sample of the data obtained by Motherboard was inconclusive. There has been a number of other claimed breaches of Yahoo's account data, including a claim of 40 million Yahoo accounts among a total of 272 million alleged stolen credentials reported in May. But that data that may have just as easily been stolen from other sources.
According to a spokesperson at LeakedSource, however, a small sample file of legitimate Yahoo user data exists. But it's not clear whether it's representative of the rest of the data "Peace" has, because no one has been able to look at the full dump yet—"Peace" has offered to sell it for 3 Bitcoin (about $1,860).