According to Federal Prosecutors, a former Yahoo software engineer pleaded guilty to hacking several thousand user accounts in search of explicit images and videos on September 30. The engineer named Reyes Daniel Ruiz reportedly targetted 6,000 accounts including those of personal friends and colleagues. The engineer stole intimate videos and images from thousands of young women's accounts while working at the company. Reyes Daniel Ruiz, who is no longer employed by Yahoo, pleaded guilty to using his work access to Yahoo's systems to target women.
Read: Juul Labs Stops Funding San Francisco Vaping Measure In The US
The 34-year-old engineer belongs to Tracy, California. He reportedly accessed Yahoo accounts only as he had access to it. Images from sources like iCloud, Facebook, Gmail, and DropBox accounts linked to Yahoo mail were among the ones he used his login credentials for. The statement made to the media mentioned that Reyes cracked user passwords, and accessed internal Yahoo systems to compromise the Yahoo accounts. He even made copies of images and videos that he found in the personal accounts without permission and stored the data at his home. The US Attorney's office in the Northern District of California informed that the website giant destroyed Ruiz's computer and hard drive on learning of his activities. During his prosecution, he pleaded guilty to one count of computer intrusion. The judges have sentenced him five years in prison which starts from February 3. He was released on the conditions of an unsecured $200,000 bond. Additionally, he will pay a $250,000 fine, plus restitution.
Earlier in 2018, Yahoo was slapped with a $35m fine for its failure to disclose a massive 2014 security breach. The hefty fine was the first incident in which the Securities and Exchange Commission (SEC) had levied against a public company for failing to disclose a cyber breach. It came after Yahoo failed to properly disclose details of its a 2014 hack that resulted in the theft of more than 500 million users' details, including usernames, email addresses, encrypted passwords, birthdates, phone numbers, and security questions and answers. The engineer's abuse of his internal access to users' accounts is the latest in a long line of serious security failings at Yahoo.