Yahoo’s security problems have reached new heights as a report from Reuters exposed an email scanning programme within the company. It turns out that the internet giant was complying with a request from US law enforcement to search all user emails for specific information.
The information comes from three former engineers, who claimed that the company had scanned millions of emails looking for information to turn over to either the NSA or FBI. The sources were not certain as to where the information request actually came from, as the NSA makes domestic information requests through the FBI.
They are also not certain as to what the authorities were looking for. The request only asked Yahoo to look for a specific string of characters; which could have been a phrase or an email attachment.
Making matters worse is that Yahoo CEO Marissa Mayer did not alert the internal security team about what was going on. Former Chief Information Security Officer Alex Stamos left his job after his team discovered what he initially thought was a cyberattack.
Yahoo is the only company to have been caught complying with government requests for information. According to the original report, this happened because Mayer did not believe that the company would be able to successfully challenge the request through the courts.
This was despite Google, Microsoft, and Apple all having faced off against US law enforcement over similar issues. Email providers Google and Microsoft both said that they had not been approached with a similar request; and a Google spokesman said that they would not have complied anyway.
The incident took place in May 2015, and it is unknown if the NSA/FBI found what they were looking for. However, it is not a comforting thought to know that Yahoo is willing to search through the email archives of its users if a government asks nicely.