Yahoo Sending Out Notifications About Forged Cookie Attacks

Posted by at 10:14 am on February 16, 2017

Yahoo users havea new breach notification warning that may be on the way.

Yahoo is in the process of notifying individuals affected by a previously announced hack involving forged cookies, which allowed an intruder to access people’s accounts without entering a password.

Yahoo in December said its outside forensic experts were investigating a forged cookie attack, which occurred between 2015 and 2016. The investigation connected some of that activity to the state-sponsored actor behind the 2014 theft of at least 500 million Yahoo user accounts disclosed in September.

Some users have posted on Twitter screenshots of the letter they received from Yahoo about the forged cookie attack.

“We are writing to inform you about a data security issue that involves your Yahoo account,” the letter begins. It goes on to say that “a forged cookie may have been used in 2015 or 2016 to access your account.”

Yahoo said it has invalidated the forged cookies so they can’t be used again.

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email


Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2024 · StreetCorner Media , LLC· All Rights Reserved ·