Yahoo hacked again: culprits used forged cookies to break into users’ accounts

Yahoo successfully continues to lose its outstanding reputation. Do you think previous data breaches[1] that affected more than 1.5 billion Yahoo users[2] forced the company to take preventative measures to finally patch all security vulnerabilities and make the website and its services secure again? Sadly, it doesn’t seem that Yahoo managed to achieve something in security field, because another data breach was identified lately. However, the incident was, to say at least, overlooked – the company says it happened somewhen between 2015 and 2016, and an official announcement about it was published on December 14, 2016[3]. According to this message from Yahoo, the company has spotted data security problems regarding Yahoo user accounts, and that their experts believe that attackers used a technical trick using forged cookies[4], which allowed them to log into Yahoo accounts without even having victims’ account passwords. The company claims to have these forged cookies invalidated, and believes that offenders might be related to same state-sponsored actors who initiated the attack revealed on September 22, 2016. However, this breach definitely has side effects for the company itself, because reportedly Verizon, which was intended to buy Yahoo’s core Internet business for $4.83, now wants to get a discount of $250 million to 350$ million[5].

Yahoo hacked for the third time since 2013

Despite the fact that company claims that these issues fixed, users can hardly trust Yahoo again. If you received an email from Yahoo called “Important security information for Yahoo users,” you need to take actions to protect your account immediately. Yahoo claims that hackers may have accessed users’ names, telephone numbers, birthdates, passwords, encrypted/unencrypted security questions and answers. However, Yahoo says that it believes payment data and bank account information were not affected as it was not stored on the system they think was affected. The question is, can you trust these words? Therefore, we suggest you take certain measures to secure your CC and bank account information immediately.

Yahoo advises users to change passwords and security questions for Yahoo account as well as accounts that are linked to it or created using same login details. Users should also check their accounts for suspicious activity and avoid emails asking for personal information or containing vague-looking URLs or attachments. The company also advises using Yahoo’s Account Key, which, once enabled, sends a notification to user’s mobile phone, asking to confirm an attempt to log into the Yahoo account.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions