HOME

TheInfoList



OR:

The Internet service company
Yahoo! Yahoo! (, styled yahoo''!'' in its logo) is an American web services provider. It is headquartered in Sunnyvale, California and operated by the namesake company Yahoo! Inc. (2017–present), Yahoo Inc., which is 90% owned by investment funds ma ...
was subjected to the largest data breach on record. Two major
data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, info ...
es of user account data to
hackers A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
were revealed during the second half of 2016. The first announced breach, reported in September 2016, had occurred sometime in late 2014, and affected over 500 million Yahoo! user accounts. A separate data breach, occurring earlier around August 2013, was reported in December 2016. Initially believed to have affected over 1 billion user accounts, Yahoo! later affirmed in October 2017 that all 3 billion of its user accounts were impacted. Both breaches are considered the largest discovered in the
history of the Internet The history of the Internet has its origin in information theory and the efforts of scientists and engineers to build and interconnect computer networks. The Internet Protocol Suite, the set of rules used to communicate between networks and ...
. Specific details of material taken include names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and hashed
password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
s. Further, Yahoo! reported that the late 2014 breach likely used manufactured
web cookies HTTP cookies (also called web cookies, Internet cookies, browser cookies, or simply cookies) are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's w ...
to falsify login credentials, allowing hackers to gain access to any account without a password. Yahoo! has been criticized for their late disclosure of the breaches and their security measures, and is currently facing several lawsuits as well as investigation by members of the United States Congress. The breaches impacted
Verizon Communications Verizon Communications Inc., commonly known as Verizon, is an American multinational telecommunications conglomerate and a corporate component of the Dow Jones Industrial Average. The company is headquartered at 1095 Avenue of the Americas in ...
's July 2016 plans to acquire Yahoo! for about $4.8 billion, which resulted in a decrease of $350 million in the final price on the deal closed in June 2017.


Description


July 2016 discovery

Around July 2016, account names and passwords for about 200 million Yahoo! accounts were presented for sale on the
darknet market A darknet market is a commercial website on the Dark Web, dark web that operates via darknets such as Tor (anonymity network), Tor or I2P. They function primarily as black markets, selling or brokering transactions involving Illegal drug trade, dru ...
site, "
TheRealDeal TheRealDeal was a darknet website and a part of the cyber-arms industry reported to be selling code and zero-day software exploits. The creators claimed in an interview with DeepDotWeb that the site was founded in direct response to the number ...
". The seller, known as "Peace_of_Mind" or simply "Peace", stated in confidential interviews with ''
Vice A vice is a practice, behaviour, or Habit (psychology), habit generally considered immorality, immoral, sinful, crime, criminal, rude, taboo, depraved, degrading, deviant or perverted in the associated society. In more minor usage, vice can refe ...
'' and ''
Wired ''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Fran ...
'', that he had the data for some time and had been selling it privately since about late 2015. Peace has previously been connected to sales of similar private information data from other hacks including that from the
2012 LinkedIn hack The 2012 LinkedIn hack refers to the computer hacking of LinkedIn on June 5, 2012. Passwords for nearly 6.5 million user accounts were stolen. Yevgeniy Nikulin was convicted of the crime and sentenced to 88 months in prison. Owners of the ha ...
. Peace stated the data likely dates back to 2012, and security experts believed it may have been parts of other data hacks at that time; while some of the sample accounts were still active, they lacked necessary information to fully login properly, reflecting their age. Experts believe that Peace is only a broker of the information that hackers obtain and sell through him. Yahoo! stated they were aware of the data and were evaluating it, cautioning users about the situation but did not reset account passwords at that time.


Late 2014 breach

The first reported data breach in 2016 had taken place sometime in late 2014, according to Yahoo! The hackers had obtained data from over 500 million user accounts, including account names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers. Security experts noted that the majority of Yahoo!'s passwords used the
bcrypt bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive ...
hashing algorithm, which is considered difficult to crack, with the rest using the older MD5 algorithm, which can be broken rather quickly. Such information, especially security questions and answers, could help hackers break into victims' other online accounts.
Computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
experts cautioned that the incident could have far-reaching consequences involving privacy, potentially including finance and banking as well as personal information of people's lives, including information pulled from any other accounts that can be hacked with the gained account data. Experts also noted that there may be millions of people with
Flickr Flickr ( ; ) is an American image hosting and video hosting service, as well as an online community, founded in Canada and headquartered in the United States. It was created by Ludicorp in 2004 and was a popular way for amateur and professiona ...
,
Sky The sky is an unobstructed view upward from the surface of the Earth. It includes the atmosphere and outer space. It may also be considered a place between the ground and outer space, thus distinct from outer space. In the field of astronomy, ...
and/or BT accounts who do not realize that they indirectly have a Yahoo! account as a result of past acquisitions and agreements made with Yahoo!, or even Yahoo! users who stopped using their accounts years earlier. Yahoo! reported the breach to the public on September 22, 2016. Yahoo! believes the breach was committed by " state-sponsored" hackers, but did not name any country. Yahoo! affirmed the hacker was no longer in their systems and that the company was fully cooperating with law enforcement. The
Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...
(FBI) confirmed that it was investigating the affair. In its November 2016 SEC filing, Yahoo! reported they had been aware of an intrusion into their network in 2014, but had not understood the extent of the breach until it began investigation of a separate data breach incident around July 2016. ''
Wired ''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Fran ...
'' believes this separate data breach involved the Peace data from July 2016. Yahoo!'s previous SEC filing on September 9, prior to the breach announcement, had stated that it was not aware of any "security breaches" or "loss, theft, unauthorized access or acquisition" of user data. The November 2016 SEC filing noted that the company believed the data breach had been conducted through a
cookie A cookie is a baked or cooked snack or dessert that is typically small, flat and sweet. It usually contains flour, sugar, egg, and some type of oil, fat, or butter. It may include other ingredients such as raisins, oats, chocolate chips, ...
-based attack that allowed hackers to authenticate as any other user without their password. Yahoo! and its outside security analysts confirmed this was the method of intrusion in their December 2016 announcement of the August 2013 data breach, and had invalidated all previous cookies to eliminate this route. In a regulatory filing in 2017, Yahoo! reported that 32 million accounts were accessed through this cookie-based attack through 2015 and 2016. Multiple experts believe that the security breach was the largest such incident made public in the
history of the Internet The history of the Internet has its origin in information theory and the efforts of scientists and engineers to build and interconnect computer networks. The Internet Protocol Suite, the set of rules used to communicate between networks and ...
at the time.


August 2013 breach

The first data breach occurred on Yahoo! servers in August 2013; Yahoo! stated this was a separate breach from the late 2014 one and was conducted by an "unauthorized third party". Similar data as from the late 2014 breach had been taken from over 1 billion user accounts, including unencrypted security questions and answers. Yahoo! reported the breach on December 14, 2016, and forced all affected users to change passwords, and to reenter any unencrypted security questions and answers to make them encrypted in the future. In February 2017, Yahoo! notified some users that data from the breach and forged
cookie A cookie is a baked or cooked snack or dessert that is typically small, flat and sweet. It usually contains flour, sugar, egg, and some type of oil, fat, or butter. It may include other ingredients such as raisins, oats, chocolate chips, ...
s could have been used to access these accounts. This breach is now considered the largest known breach of its kind on the Internet. In October 2017, Yahoo! updated its assessment of the hack, and stated that it believes all of its 3 billion accounts at the time of the August 2013 breach were affected. According to Yahoo! this new breach was discovered while it was reviewing data given to them from law enforcement from an unnamed third-party hacker about a month prior. They had been able to identify the method by which data were taken from the last 2014 hack using fake cookies during this investigation, but the method of the August 2013 breach was not clear to them upon their announcement. Andrew Komarov, chief intelligence officer of the cybersecurity firm InfoArmor, had been helping Yahoo! and law enforcement already in response to the Peace data. In trying to track down the source of Peace's data, he discovered evidence of this latest breach from a
dark web The dark web is the World Wide Web content that exists on '' darknets'': overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can commu ...
seller offering a list of more than one billion Yahoo! accounts for about $300,000 in August 2015. While two of the three buyers of this data were found to be underground
spammers This is a list of individuals and organizations noteworthy for engaging in bulk electronic spamming, either on their own behalf or on behalf of others. It is not a list of all spammers, only those whose actions have attracted substantial independen ...
, the third buyer had specifically asked the seller of the Yahoo! data to affirm if ten names of United States and foreign government officials were on the offered list and information associated with them. Suspecting that this buyer may have been related to a foreign intelligence agency, Komarov discovered that the offered data included the accounts of over 150,000 names of people working for the United States government and military, as well as additional accounts associated with European Union, Canadian, British, and Australian governments. Komarov alerted the appropriate agencies about this new data set and began working with them directly. Komarov noted that while U.S. government policies have changed to keep key intelligence employees as low-key as possible, these affected users likely set up Yahoo! accounts for personal use well before such policies were in place, and included their work details as part of their profiles, making this information highly valuable for foreign intelligence groups. Komarov had opted not to go to Yahoo! about the data, as they had previously been dismissive of InfoArmor's services in the past, and Komarov believed that Yahoo! would not thoroughly investigate the situation as it would threaten their Verizon buyout. In addition to government issues, Komarov and other security firms warned that the data from this breach can be used to attempt access to other accounts, since it included backup email contact addresses and security questions. Such data, these experts warn, could be used to create
phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwar ...
attacks to lure users into revealing sensitive information which can then be used for malicious purposes. Hold Security, another cybersecurity firm, observed that some darkweb sellers were still selling this database for up to $200,000 as late as October 2016; Komarov found that the data continues to be available at a much lower price since the passwords have been forced changed, but the data can still be valuable for phishing attacks and gaining access to other accounts.


Attribution and motivation

According to Yahoo!, the 2014 breach was carried out by a "state-sponsored actor" and the organization claims that such "intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry". While Yahoo! did not name any country, some suspect China or Russia to be behind the hack, while others doubt Yahoo's claim of any state actor. U.S. intelligence officials, who declined to give their names to the media, highlighted similarities between the attack and previous breaches linked to the
Russian government The Government of Russia exercises executive power in the Russian Federation. The members of the government are the prime minister, the deputy prime ministers, and the federal ministers. It has its legal basis in the Constitution of the Russ ...
. Yahoo! in fall 2014 detected what it believed was a small breach "involving 30 to 40 accounts", carried out by hackers believed to be "working on behalf of the Russian government", according to Yahoo! executives, because it was launched from computers in that country. Yahoo! reported the incident to the FBI in late 2014 and notified affected users. Sean Sullivan, a security adviser at cyber security firm
F-Secure F-Secure Corporation is a global cyber security and privacy company, which has its headquarters in Helsinki, Finland. The company has offices in Denmark, Finland, France, Germany, India, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Swed ...
Labs, declared China to be his top suspect and said that "there have been no past cases of a service provider like Yahoo! being targeted
y Russia Y, or y, is the twenty-fifth and penultimate letter of the Latin alphabet, used in the modern English alphabet, the alphabets of other western European languages and others worldwide. According to some authorities, it is the sixth (or seventh ...
" whose hackers tend to perpetrate targeted attacks, either in areas important for their economy, such as the energy sector, or to undermine politicians, while "China likes to vacuum up all kinds of information" and "has a voracious appetite for personal information". Examples of state-sponsored data breaches with China in suspicion include the massive data breach of 18 million people from the
United States Office of Personnel Management The United States Office of Personnel Management (OPM) is an independent agency of the United States Federal Government that manages the US civilian service. The agency provides federal human resources policy, oversight and support, and tend ...
and the attacks on Google in 2010, dubbed
Operation Aurora Operation Aurora was a series of cyber attacks conducted by advanced persistent threats such as the Elderwood Group based in Beijing, China, with ties to the People's Liberation Army. First publicly disclosed by Google on January 12, 2010, in ...
. Others expressed doubt about Yahoo's claim of the attack being state-sponsored, as it would be less embarrassing for Yahoo! to attribute an attack to a nation state, which typically have the most sophisticated hacking capabilities, than to attribute it to a
cybercriminal A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing the ...
group or individual—particularly as Yahoo! was in the middle of being acquired by Verizon. Senior research scientist Kenneth Geers from Comodo, however, noted that "Yahoo! is a strategic player on the World Wide Web, which makes it a good—and valid—target for nation-state intelligence collection". One of the effects, if not the direct goal, of the breaches was the use of the stolen usernames and passwords for
credential stuffing Credential stuffing is a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from a data breach), and then uses th ...
attacks. InfoArmor issued a report that challenged Yahoo's claim that a nation-state orchestrated the heist after reviewing a small sample of compromised accounts. InfoArmor had been able to obtain the list of affected accounts for analysis. InfoArmor determined that the breach was likely the work of an Eastern European criminal gang that later sold the entire hacked database to at least three clients, including one state-sponsored group. According to InfoArmor, by early 2015, the group no longer offered to sell the full database, but sought "to extract something from the dump for significant amounts of money." The report noted that it was difficult to determine who the ultimate mastermind of a hack might be, as criminal hackers sometimes provide information to government intelligence agencies or offer their services for hire. Komarov said the hackers may be related to
Group E Group E may refer to: * E-Group: E-Groups are unique architectural complexes found among a number of ancient Maya settlements * Group E (vase painting), a group of Attic vase painters of the black-figure style, active between 560 and 540 BC. * One ...
, who have had a track record of selling stolen personal data on the
dark web The dark web is the World Wide Web content that exists on '' darknets'': overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can commu ...
, primarily to underground
spammers This is a list of individuals and organizations noteworthy for engaging in bulk electronic spamming, either on their own behalf or on behalf of others. It is not a list of all spammers, only those whose actions have attracted substantial independen ...
, and were previously linked to breaches at LinkedIn, Tumblr, and MySpace. InfoArmor had linked Group E as the source of the data that were offered by Peace, and believed that Group E was brokering the data to dark web sellers. While InfoArmor did not believe a state-sponsored agency committed the breach, they warned of implications on foreign intelligences, as the breaches "opens the door to significant opportunities for cyber-espionage and targeted attacks," and may be the key in several targeted attacks against U.S. government personnel, which resulted after the disclosed contacts of the affected high-level officials of intelligence community in October 2015. Yahoo! stated that the 2013 breach is connected "to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016."
White House The White House is the official residence and workplace of the president of the United States. It is located at 1600 Pennsylvania Avenue Northwest, Washington, D.C., NW in Washington, D.C., and has been the residence of every U.S. preside ...
spokespersons stated that the FBI is currently investigating this breach, though the scope of its impact is unclear. A United States official, speaking to CBS News, says that government investigators agree with Yahoo! that the hack was sponsored by a foreign state, possibly
Russia Russia (, , ), or the Russian Federation, is a transcontinental country spanning Eastern Europe and Northern Asia. It is the largest country in the world, with its internationally recognised territory covering , and encompassing one-eigh ...
. Security experts speculate that because little of the data from this 2013 breach have been made available on the black market, the breach was likely targeted to find information on specific people.


Prosecution

On March 15, 2017, the FBI officially charged the 2014 breach to four men, including two that work for Russia's
Federal Security Service The Federal Security Service of the Russian Federation (FSB) RF; rus, Федеральная служба безопасности Российской Федерации (ФСБ России), Federal'naya sluzhba bezopasnosti Rossiyskoy Feder ...
(FSB). In its statement, the FBI said "The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI's point of contact in Moscow on cybercrime matters, is beyond the pale." The four men accused include
Alexsey Belan Alexey Alexeevich Belan (russian: Алексей Алексеевич Белан; born June 27, 1987) is a Latvian and Russian hacker on the FBI's list of most wanted criminals. He has been accused of illegal access to the computer networks of th ...
, a
hacker A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
on the
FBI Ten Most Wanted Fugitives The FBI Ten Most Wanted Fugitives is a most wanted list maintained by the United States's Federal Bureau of Investigation (FBI). The list arose from a conversation held in late 1949 between J. Edgar Hoover, Director of the FBI, and William K ...
list, FSB agents Dmitry Dokuchaev and Igor Sushchin who the FBI accused of paying Belan and other hackers to conduct the hack, and Canadian hacker
Karim Baratov Kareem (alternatively spelled Karim or Kerim) ( ar, کریم) is a common given name and surname of Arabic origin that means "generous", "noble", "honorable". It is also one of the Names of God in Islam in the Quran. Given name Karim * Karim ...
who the FBI claimed was paid by Dokuchaev and Sushchin to use data obtained by the Yahoo! breaches to breach into about 80 non-Yahoo! accounts of specific targets. Baratov, the only man currently arrested, was extradited to the United States, though had claimed not guilty to the charges in August 2017. However, he later pled guilty, admitting to hacking into at least 80 email accounts on behalf of Russian contacts. He was charged with nine counts of hacking, and in May 2018 sentenced to 5 years in prison and ordered to pay and restitution to his victims.


Legal and commercial responses


Yahoo!

Yahoo!'s delay in discovering and reporting these breaches, as well as implementing improved security features, has become a point of criticism. Yahoo! has been taken to task for having a seemingly lax attitude towards security: the company reportedly does not implement new security features as fast as other Internet companies, and after Yahoo! was identified by
Edward Snowden Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and s ...
as a frequent target for state-sponsored hackers in 2013, it took the company a full year before hiring a dedicated chief information security officer,
Alex Stamos Alex Stamos is a Greek American computer scientist and adjunct professor at Stanford University's Center for International Security and Cooperation. He is the former chief security officer (CSO) at Facebook. His planned departure from the company ...
. While Stamos' hiring was praised by technology experts as showing Yahoo!'s commitment towards better security, Yahoo! CEO
Marissa Mayer Marissa Ann Mayer (; born May 30, 1975) is an American businesswoman and investor. She is an information technology executive, and co-founder of Sunshine Contacts. Mayer formerly served as the president and chief executive officer of Yahoo!, a ...
had reportedly denied Stamos and his security team sufficient funds to implement recommended stronger security measures, and he departed the company by 2015. Experts have pointed out that Yahoo!, only until the most recent breaches, had not forced affected users to change their passwords, a move that Mayer and her team believed would drive users away from the service. Some experts stated that implementing stronger security measures does take monetary resources, and Yahoo!'s financial situation has not allowed the company to invest in cybersecurity. Yahoo!'s internal review of the situation found that Mayer and other key executives knew of the intrusions but failed to inform the company or take steps to prevent further breaches. The review led to the resignation of the company's principle lawyer, Ronald S. Bell by March 2017, and Mayer's equity compensation bonus for 2016 and 2017 was pulled.


Verizon Communications merger deal

In July 2016, prior to the announcement of the breaches
Verizon Communications Verizon Communications Inc., commonly known as Verizon, is an American multinational telecommunications conglomerate and a corporate component of the Dow Jones Industrial Average. The company is headquartered at 1095 Avenue of the Americas in ...
had entered into negotiations and approval to purchase a portion of the Yahoo! properties for $4.8 billion, with the deal set to close in March 2017. Verizon had only become aware of the 2014 breach just two days prior to the Yahoo! September announcement. CEO
Lowell McAdam Lowell Clayton McAdam (born May 28, 1954) is an American businessman. He is the former chairman and CEO of Verizon Communications, a company he joined in 2000. Early life McAdam earned a bachelor's degree in engineering from Cornell Universit ...
said he wasn't shocked by the hack, saying "we all live in an internet world, it's not a question of if you're going to get hacked but when you are going to get hacked". He left the door open to possibly renegotiate the $4.83 billion price tag. Craig Silliman, Verizon's general counsel told reporters in Washington Verizon has "a reasonable basis to believe right now that the impact is material" and that they're "looking to Yahoo to demonstrate ..the full impact". The company's reputation has suffered online in the last few months, according to an
analysis Analysis ( : analyses) is the process of breaking a complex topic or substance into smaller parts in order to gain a better understanding of it. The technique has been applied in the study of mathematics and logic since before Aristotle (3 ...
by marketing firm Spredfast: about 90 percent of the Twitter comments about Yahoo! were negative in October, up from 68 percent in August, before news of the hack. Following the announcement of the August 2013 breach, Verizon was reportedly seeking to change terms of the deal to reflect on the impact of these breaches, including lowering their offer or potentially seeking court action as to terminate the deal. Verizon stated that they will "review the impact of this new development before reaching any final conclusions". In February 2017, Verizon and Yahoo! announced that the deal will still go forward, but dropping the sale price by $350 million, down to $4.48 billion. The deal officially closed at this reduced price in June 2017, with Mayer stepping down as CEO following the closure. Verizon and Yahoo! will share jointly in the ongoing costs for the government investigation of the breaches under this new term. The remaining properties of Yahoo! not purchased by Verizon, which included the Alibaba Group, were renamed to
Altaba Altaba Inc. was a non-diversified, closed-end management investment company based in New York City that was formed from the remains of the first incarnation of Yahoo! Inc. after Verizon acquired old Yahoo's Internet business. Verizon completed i ...
in June 2017.


United States government

Members of the U.S. Government have been critical of Yahoo!'s reactions to these breaches. In a letter to Yahoo! CEO
Marissa Mayer Marissa Ann Mayer (; born May 30, 1975) is an American businesswoman and investor. She is an information technology executive, and co-founder of Sunshine Contacts. Mayer formerly served as the president and chief executive officer of Yahoo!, a ...
, six Democratic U.S. Senators (
Elizabeth Warren Elizabeth Ann Warren (née Herring; born June 22, 1949) is an American politician and former law professor who is the senior United States senator from Massachusetts, serving since 2013. A member of the Democratic Party and regarded as a p ...
,
Patrick Leahy Patrick Joseph Leahy (; born March 31, 1940) is an American politician and attorney who is the senior United States senator from Vermont and serves as the president pro tempore of the United States Senate. A member of the Democratic Party, L ...
,
Al Franken Alan Stuart Franken (born May 21, 1951) is an American comedian, politician, media personality, and author who served as a United States senator from Minnesota from 2009 to 2018. He gained fame as a writer and performer on the television comed ...
,
Richard Blumenthal Richard Blumenthal (; born February 13, 1946) is an American lawyer and politician who is the senior United States senator from Connecticut, a seat he has held since 20