Yahoo Notifying People About 'Forged Cookie' Attacks

Heads up, Yahoo! users: a new breach notification warning may be on the way. Yahoo! is in the process of notifying individuals afflicted by a previous hack involving forged cookies, which allowed an intruder to access people's accounts without inbound a password.

SecurityWatch Yahoo! in December said its exterior forensic experts were investigating a forged cookie assail, which occurred between 2022 and 2022. The investigation continued some of that activity to the state-sponsored actor behind the 2022 theft of at least 500 one thousand thousand Yahoo user accounts disclosed in September.

Today, a Yahoo! spokesperson told PCMag that investigators accept "identified user accounts for which we believe forged cookies were taken or used." The company is now working to notify all potentially affected account holders. Yahoo! declined to specify how many people it believes were affected.

Some users take posted on Twitter screenshots of the letter of the alphabet they received from Yahoo! about the forged cookie attack.

Hopefully the cookie was forged by a state known for such delicacies. #yahoo #security #baking motion picture.twitter.com/7gCeEd3Y51
— Joshua B. Plotkin (@jplotkin) February xv, 2022

"Nosotros are writing to inform yous well-nigh a data security event that involves your Yahoo! business relationship," the letter begins. It goes on to say that "a forged cookie may take been used in 2022 or 2022 to access your account."

Yahoo! said it has invalidated the forged cookies so they can't be used again.

The news comes after Yahoo! in Dec too disclosed a separate hack which occurred in August 2022 that affected more than than i billion accounts. That incident compromised names, email addresses, telephone numbers, birth-dates, passwords, and security questions and answers, according to Bob Lord, Yahoo'due south chief information security officer. Information technology might too put Yahoo!'s Verizon deal in jeopardy, co-ordinate to reports.

About Angela Moscaritolo

Angela Moscaritolo

Angela Moscaritolo is PCMag's expert on fettle and smart dwelling products. Teaching yoga for nearly 10 years has helped her in evaluating a range of connected health products including fettle trackers, heart rate monitors, rowers, smart scales, stationary bikes, forcefulness preparation machines, treadmills, and more. Angela also tests smart habitation devices from her ranch in Florida, including air purifiers, kitchen appliances, and robot vacuums, simply to name a few.