Hacked Yahoo Data Is for Sale on Dark Web - The New York Times

Also see Verizon said to explore lower price or exit from Yahoo deal (Bloomberg)

"Security experts and former government officials warned that the real danger of the Yahoo attack was not that hackers gained access to Yahoo users’ email accounts, but that they obtained the credentials to hunt down more lucrative information about their targets wherever it resided across the web.

“This wasn’t an attack against Yahoo, but rather reconnaissance to launch other campaigns,” said Oren Falkowitz, a former analyst at the National Security Agency who now runs Area 1, a Silicon Valley security start-up.

“Inactive or not, a billion user accounts and hashes means attackers have a golden key for new phishing attacks,” he said. In a phishing attack, a hacker often poses as a trusted contact and tries to induce the recipient of an email to click on a malicious link or share sensitive information."

Hacked Yahoo Data Is for Sale on Dark Web - The New York Times