Can a Yahoo employee read my email? [closed]

email yahoo-mail

I have a friend who works in Yahoo and claims that he can hack into anyone's email. Is that really true?

I know its a vague question but I want to know if employees of Yahoo and Google have access to some database through which they can hack into others' email.


Solution 1:

Yes

A rouge employee willing to endanger their career/freedom (jail time) with correct access/motivation could illegally access email.

It has happened

I'll use Google as the example here because it actually happened in 2010 where there were 2 alleged employee that breached policy and read emails/chat:

Google acknowledged Wednesday that two employees have been terminated after being caught in separate incidents allegedly spying on user e-mails and chats.

So the same thing could happen at Yahoo, or Microsoft, or any other type of provider that has some kind of administrator access to the infrastructure.

Protect yourself

Never send anything sensitive via email, including (but not limited to) Credit Card info, passwords, your most private deep dark thoughts.

You can encrypt your email if paranoid, but this is not a trivial task:

  • Have a look at OpenPGP
  • Then have a look at this SuperUser Question about why this isn't standard operation.

Having said all that, it's actually not a big worry

Unless an employee at the organisation hosting your email is likely to directly target you and your email, don't worry about it. If you believe you are a target, then you may want to consider reporting their threats of undertaking illegal activities to their employer.

Also there's usually only a few employees who actually have such authority/access to do such a task, from this article:

A small number of GMail related engineers have access to the servers as a matter of necessity to do their jobs; a very small number of people actually access the contents as a matter of necessity to do their jobs, and even then, almost always only the associated metadata.

Solution 2:

It's not a "hack" if you own the database and can simply read it.

You should always assume that people who provide your email service read your email. They can do it, that's for sure.

If you don't feel comfortable with that, use encryption.

Solution 3:

If the workers have access to the mail server - they can access your mail boxes altough mail boxes are usually encrypted as well as the database holding the credentials is usually encrypted unreversibly using normally SHA.

Related

How can you switch the j and k keys in vim?
I would like to change my iCloud email
Installing Heroku CLI on macOS Catalina
Macbook Pro mid-2012 restarts after entering password
AppleScript to turn on the Accessibility Keyboard in High Sierra
Steps to ensuring data integrity / security of Mac mini prior to sale? [duplicate]
top alternative for GPU usage and networking
How to resize folders on desktop
How can I check how often I have used my new MacBook?
Is there a method to clone my macOS into fresh OS installer like Windows WIM?
How to (and should I) put a path to user-installed python ahead of system-installed python?
Mac how to remove instance icon from array