Yahoo Issues Fresh Warning About Compromised Accounts

Yahoo has issued a fresh warning to its users about potentially malicious activity on their accounts between 2015 and 2016.

The warning comes after two highly damaging cyber attacks that has resulted in the compromising of user data belonging to a staggering one billion users.

The cyber attacks have badly impacted the acquisition of Yahoo’s core Internet business for $4.83 billion (£3.86bn) by Verizon. Recent reports suggest that Verizon will shave between $250 million to $350 million off the original agreed purchase price.

Two Attacks

Yahoo has been hit hard by cyber incidents in recent years. A devastating data breach at Yahoo took place in 2014, which resulted in the theft of 500 million accounts. But that hack only came to light in September 2016.

The long delay prompted US senators to call for CEO Mayer to explain the way the company handled the data loss.

But in December last year Yahoo admitted that another massive data breach took place back in 2013, which saw more than a billion user accounts hacked, making it the biggest breach in history.

It should be noted that Yahoo has been hacked before that. In 2012 Yahoo admitted it had been hacked, after more than 450,000 Yahoo passwords had been posted online.

The company believed that hack took place in August 2013, when an unauthorised third party swiped data linked to a mass number of accounts.

Stolen user account information from the 2013 hack may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

Fresh Warning

And this week Yahoo has issued a fresh warning to users of potentially malicious activity on their accounts between 2015 and 2016.

The company confirmed the fresh warning to the Associated Press, but declined to say how many people were affected.

Yahoo apparently tied some of the potential compromises to what it has described as the “state-sponsored actor” responsible for the 2013 attack.

Its new warning to users talks of malicious activity from the use of “forged cookies”.

“Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” the Associated Press quoted the warning sent to Yahoo users on Wednesday.

Quiz: Take our data breaches of 2015 quiz here!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago