Does it ever end? Yahoo issues fresh warning to users after disastrous data breach
Yahoo has issued a fresh warning to its users about potentially malicious activity on their accounts between 2015 and 2016.
The warning comes after two highly damaging cyber attacks that has resulted in the compromising of user data belonging to a staggering one billion users.
The cyber attacks have badly impacted the acquisition of Yahoo’s core Internet business for $4.83 billion (£3.86bn) by Verizon. Recent reports suggest that Verizon will shave between $250 million to $350 million off the original agreed purchase price.
Yahoo has been hit hard by cyber incidents in recent years. A devastating data breach at Yahoo took place in 2014, which resulted in the theft of 500 million accounts. But that hack only came to light in September 2016.
The long delay prompted US senators to call for CEO Mayer to explain the way the company handled the data loss.
But in December last year Yahoo admitted that another massive data breach took place back in 2013, which saw more than a billion user accounts hacked, making it the biggest breach in history.
The company believed that hack took place in August 2013, when an unauthorised third party swiped data linked to a mass number of accounts.
Stolen user account information from the 2013 hack may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.
And this week Yahoo has issued a fresh warning to users of potentially malicious activity on their accounts between 2015 and 2016.
The company confirmed the fresh warning to the Associated Press, but declined to say how many people were affected.
Yahoo apparently tied some of the potential compromises to what it has described as the “state-sponsored actor” responsible for the 2013 attack.
Its new warning to users talks of malicious activity from the use of “forged cookies”.
“Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” the Associated Press quoted the warning sent to Yahoo users on Wednesday.