Guilty plea: former Yahoo engineer hacked thousands of email accounts

6,000 Yahoo email accounts of mostly young females got hacked in search for sexual images

Hacked accounts got searched for sexual imagesFormer Yahoo engineer searched and downloaded images from 6,000 people to look for porn. On Monday, a former Yahoo software engineer Reyes Daniel Ruiz pleaded guilty in court for hacking into personal email accounts of more than 6,000 users.[1] Accounts, mainly belonging to young women, got hacked in the hopes of finding sexual images and videos. Ruiz, 34, worked as a reliability engineer for the company and one of his roles included Yahoo! mail service management. The engineer used the job-provided access to the internal network to crack passwords and hack thousands of email accounts.[2] The unauthorized intrusions were performed between May and June 2018, according to details that were made public after the court hearing.

Since Ruiz admitted to his doings and pleaded guilty to one count of computer intrusion, he can face five years in prison and a $250,000 fine. Until his final sentencing on February 3, 2020, the former engineer was released under a bond of $200,000.[3] According to the U.S District Court Judge in San Jose, the final sentence can be imposed by the court after consideration of all the U.S laws and sentencing guidelines.

The statement from the court informs:

In pleading guilty, Ruiz, a former Yahoo software engineer, admitted to using his access through his work at the company to hack into about 6,000 Yahoo accounts. Ruiz cracked user passwords, and accessed internal Yahoo systems to compromise the Yahoo accounts. He made copies of images and videos that he found in the personal accounts without permission, and stored the data at his home.

Ruiz' targets – young women, including friends and colleagues

According to The US Attorney's Office, once Ruiz gained access to Yahoo email accounts, he was able to connect to iCloud, Facebook, Gmail, DropBox or any other social media account and search for sexual images or videos. He did that by requesting password resets for various third-party sites and which he received directly on the hacked email account.[4]

Stolen material was stored on a private computer, and hard drive that both ended up destroyed once suspicious activity was noticed by the employer. More than 6,000 email accounts that got accessed belong to personal friends and work colleagues of Ruiz – he admitted to targeting younger women specifically.

The former engineer stopped working for Yahoo back in July 2018 and got employed at a Silicon Valley tech company – SSO solutions. Once email account hacking actions got discovered and reported to law enforcement, Ruiz got formally charged in April 2019. Initially, the indictment was sealed, and these details became available after the court on Monday.

Complex passwords – serious issue regarding hacked emails

Although Ruiz used his job access to the internal network of Yahoo to hack those 6,000 emails, passwords are important to talk about when talking about hacking and privacy. Many people suffered such attacks that lead to leaked information or even blackmailing messages coming directly to your accounts.

In most cases, hackers obtain your login information by trying all the popular passwords until they reach success.[5] If you restrain from simple one-word passwords and make more complex ones, including numbers, upper-cases and not common words, you can ensure that your account is secure. Do that with all your passwords to online banking services, social media.

About the author
Julie Splinters
Julie Splinters - Anti-malware specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.

Contact Julie Splinters
About the company Esolutions