Yahoo is warning customers that hackers may have been able to break into their accounts without even having access to their passwords. Although this was first disclosed by the company last year, but users have been receiving notifications about it this week.
The attack, was attributed to the same “state-sponsored” hackers that were blamed for breaking into over a billion Yahoo accounts last year which was the biggest hack in history and was effective between 2015 and 2016.
Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.
Forged cookies can allow a hacker into an account without having to re-enter a password. According to Yahoo, it invalidated the cookies when it discovered the hack, but hasn’t yet revealed how many users were affected by it.
“The investigation has identified user accounts for which we believe forged cookies were taken or used,” said a Yahoo spokesperson. “ Yahoo is in the process of notifying all potentially affected account holders.”
Yahoo Inc. The word “yahoo” is a backronym for “Yet Another Hierarchically Organized Oracle” or “Yet Another Hierarchical Officious Oracle”. Yahoo is an American multinational technology company headquartered in Sunnyvale, California. Yahoo was founded by Jerry Yang and David Filo in January 1994 and was incorporated on March 2, 1995. Yahoo was one of the pioneers of the early internet era in the 1990s.
Once the most popular website in the U.S., Yahoo slowly started to decline since the late 2000s, and on July 25, 2016 Verizon Communications announced its intent to acquire Yahoo’s internet business for $4.8 billion—the company was once worth over $100 billion.