Yahoo complied with a directive from the federal government in 2015 to scan millions of customers’ incoming emails in real-time to determine if they contained any information that might be useful to U.S. intelligence.
An extensive investigation by Reuters reveals the first-ever known example in U.S. history of an email provider scanning through all incoming emails on the fly for information, in contrast to looking at messages already on the server, or scanning a few accounts in real-time.
“I’ve never seen that, a wiretap in real time on a ‘selector,”‘ said Albert Gidari, a lawyer with an expertise in surveillance issues. “It would be really difficult for a provider to do that.”
What exactly the U.S. intelligence community was looking for is unknown.
According to unnamed former Yahoo employees with specific knowledge of the situation, Yahoo CEO Marissa Mayer immediately complied with the classified directive from the federal government, which infuriated top-level employees, who thought the company could have fought the broad-reaching request and won.
To make matters worse inside the company, the security team was left out of the decision-making process and had no idea the engineering team had built a backdoor inside the company’s email system. Weeks after the engineering team constructed the backdoor email scanner, the security team discovered it in May 2015 and figured it was an external intrusion.
As soon as Chief Information Security Officer Alex Stamos realized Mayer had authorized the program, he resigned.
A programming security flaw in the code, he added, could allow opportunistic hackers to jump in and access stored emails.
“Yahoo is a law abiding company, and complies with the laws of the United States,” Yahoo told Reuters.
It is unclear whether the classified directive was also sent to other companies.
In late September, Yahoo confirmed that a state-sponsored hack led to the breach of 500 million accounts in 2014. The hack is one of the biggest ever in terms of sheer number of user accounts compromised.
Follow Jonah Bennett on Twitter
Send tips to jonah@dailycallernewsfoundation.org.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.