Following Yahoo’s revelation in late September that 500 million of its user accounts were breached in a massive, state-sponsored hack back in 2014, a new report suggests more bad news for the company. No, it’s not another hack — nor is it anything committed against Yahoo by an outsider force. Instead, according to Reuters, it seems Yahoo went above and beyond competitors Verizon and Google’s efforts to appease U.S. intelligence in 2015. How? By building software to scan all of its customers’ incoming emails for information detailed by the agencies requesting it.
The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.
Whether the National Security Agency (NSA), FBI, other intelligence agencies or all three were specifically making or benefiting from the government directive remains to be seen. What’s more, Reuters was unable to determine what exactly officials were looking for. What is known, however, is that they wanted Yahoo to “search for a set of characters.” Like “a phrase in an email or an attachment,” as one of the article’s many anonymous sources suggested.
Interestingly, Reuters suggests Yahoo’s new email-scanning software didn’t sit well with many of its top executives and employees:
According to the two former employees, Yahoo Chief Executive Marissa Mayer’s decision to obey the directive roiled some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos, who now holds the top security job at Facebook Inc.
Aside from a statement describing itself as “a law abiding company” that “complies with the laws of the United States,” Yahoo didn’t comment in any detail. Nor did the NSA, for whom the Office of the Director of National Intelligence responded specifically to Reuters with an official “no comment.”