Ex-Yahoo employee admits trawling through user accounts for explicit content

More than 6,000 users compromised as defendant also accessed iCloud, Facebook and Gmail accounts

Yahoo

A former software engineer with Yahoo has pled guilty to hacking into approximately 6,000 user accounts, including those of his friends and colleagues, in order to search for explicit or sexual material.

Reyes Daniel Ruiz, 34, has been accused of hacking into thousands of Yahoo accounts through his work at the company in an attempt to find sexual images and videos from the account holders.

These were accounts primarily belonging to younger women, according to the US Attorney's Office for the Northern District of California.

Ruiz made copies of images and videos he found without permission, and stored the data at his home. He also admitted to taking this a step further and compromising the iCloud, Facebook, Gmail, Dropbox and other online accounts of the victims in order to search for more explicit photos and videos.

"In pleading guilty, Ruiz, a former Yahoo software engineer, admitted to using his access through his work at the company to hack into about 6,000 Yahoo accounts," the US Attorney's Office said.

"Ruiz cracked user passwords, and accessed internal Yahoo systems to compromise the Yahoo accounts.

"After his employer observed the suspicious account activity, Ruiz admitted to destroying the computer and hard drive on which he stored the images."

Ruiz was indicted on 4 April and charged with one count of Computer Intrusion, and one count of Interception of a Wire Communication, pleading guilty to the latter. The maximum penalty for each count is five years in prison and a fine of $250,000.

Although these laws apply in the US only, one piece of legislation that serves as the equivalent in the UK is the Computer Misuse Act 1990, which is designed to prevent information theft from computer systems.

Research from 2016 found that more than a third of employees were routinely violating this law, although not to the extent of Ruiz's offences.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021
Hackers publish over 4,000 files stolen from SEPA in ransomware attack
Security

Hackers publish over 4,000 files stolen from SEPA in ransomware attack

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021

Most Popular

School laptops sent by government arrive loaded with malware
malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021