A Canadian man connected to the 2014 hack that compromised around 500 million Yahoo user accounts has pleaded guilty to a range of charges, the BBC reports.
Karim Baratov, who American legal officials have described a so-called "hacker-for-hire", worked for the Russian Federal Security Service when he hacked into Yahoo webmail accounts
His lawyers attempted to build a defence case for him arguing that he didn't know of any involvement with Russian agents, and there aren't any details on the amount of accounts he targeted.
As well as Baratov, three other cyber criminals were involved in the hack and have been charged. However, US law enforcement officials have been unable to make arrests as they're currently living in America, and there isn't an extradition treaty between Russia and the United States.
Two of the criminals, according to the prosecutors, work for the country's spy agency.
Reports from the Northern District of California's US Attorney's Office share insight on Baratov's role in the hack. He was paid to access a number of individual webmail accounts and send passwords to Russian agents.
The cyber crook used spear-phishing schemes to get hold of account credentials. He's due to be sentenced next February and could be locked up for 28 years.
Carolyn Bertin, who is a data protection lawyer at Keystone Law, said: "All eyes are on Yahoo after revelations by Verizon (following its acquisition of Yahoo) that many more customer accounts than previously reported had been hacked in 2013.
"Yahoo is by no means the only organisation to suffer a high-profile cyber security attack. Hackers are becoming more and more sophisticated and existing security solutions simply struggle to keep up with the infiltration methods of the perpetrators. It is now more than a question of concentrating efforts on preventative measures.
"Organisations need to take a multi-layered approach. Preventative measures are still paramount - building systems with robust security is key but that security needs to be stress tested.
"Regular penetration testing and auditing by third party specialist auditors of the security measures in place in such cloud based services is becoming increasingly important if service providers are to stay ahead of the hackers.
She added: "Users also need to be better educated and prompted to take responsibility for keeping their accounts secure. It should now become the norm to change passwords regularly and ensure that passwords are robust."
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff