Yahoo’s newly issued warning to users about malicious hacks is related to a third data breach that the company disclosed in December 2016. A warning sent to some Yahoo users Wednesday read: “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.”
This breach was quietly revealed in a December 2016 statement from Yahoo that provided information on a separate hack that occurred in August 2013 involving more than 1 billion accounts. Some of 2015 and 2016 incidents have been tied to a “state-sponsored actor” that was involved in another 2014 breach that affected up to 500 million accounts.
A “forged cookie” allows hackers access to your account without having to enter any passwords – in similar fashion to when you visit a website and you access it whilst you are already logged in without any need for credentials. Once hackers have their hands on these forged cookies it can take them a matter of seconds before accessing your personal information, and in this case, your email account.
The leaked data is said to include email addresses, birth dates, mobile numbers and answers to security questions – basically, your email account registration information. Yahoo declined to say how many people have been affected.
The earlier, catastrophic breaches that impacted over 1.5 billion accounts raised questions about Yahoo’s security, and called into question the company’s deal to sell itself to Verizon Communications.
If you feel your emails are not as secure as they should be or if you have noticed some odd looking emails landing in your inbox lately, get in touch with us here at IntelliTeK and we can work to get you, your business and/or your employees some needed security protection. Cyber criminals are evolving everyday and you cannot simply rely on any antivirus that you can download from the internet. Get in touch with the experts and we’ll watch over your email security 24 hours a day, 7 days a week, 365 days a year.