Yahoo has been busy investigating the mega-breach that exposed around 1 billion user accounts and now the company has discovered that between 2015 and 2016 potentially malicious activity was observed on the website. The company revealed on Wednesday that currently it has issued warning notification to the users but it is yet not been specified how many users have been affected, yet Yahoo is certain that user accounts have been compromised during the said time period. This malicious activity is believed to be caused by the use of Forged Cookies.
The warning notification sent by Yahoo to the affected users read:
“Based on the on-going investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.”
Yahoo told The Guardian that it reported about forged cookie back in November 2016 for the first time and addressed the issue in its December 2016 security update while some users are being notified this month. A spokeswoman from Yahoo stated that after investigating the issue, they identified the user accounts for which the forged cookies were used. As of now, “Yahoo is in the process of notifying all potentially affected account holders. Yahoo has invalidated the forged cookies so they cannot be used again,” she added.
Last year Yahoo revealed the involvement of state-sponsored actor in stealing the private data of the 500 million users in a mega-breach that occurred between 2013 and 2014. The stolen data includes important private details such as date of birth, email IDs and security questions answers of the users. This particular breach was utterly devastating for Yahoo since it raised concerns and questions about the security measures employed by the company.
The data breach also sabotaged the deal between Yahoo and Verizon Communications in which the former was supposed to sell its email service, mobile apps and websites to the latter. However, Yahoo hasn’t revealed the name of the state-sponsored actors involved in attacking the company. According to security experts, it could be either China or Russia as these two countries are usually suspected for such kinds of attacks.
It is apparent that Yahoo is currently going through a rough phase as it is facing a series of cyber-security related issues and users are mocking the company for letting such massive data breaches occur at a frequent pace. Nevertheless, in case you want to permanently delete your Yahoo account go through our tutorial here.
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.