Home > Cyber News > The Yahoo Saga Continues: User Accounts Accessed Via Cookies

The Yahoo Saga Continues: User Accounts Accessed Via Cookies

The Yahoo saga continues, as the company has again started notifying users of more malicious activities involving more user accounts. Apparently, attackers may have accessed user accounts via fake cookies instead of passwords. Unfortunately, the number of accounts accessed this way hasn’t been specified by Yahoo.

This may not appear surprising at all as it surfaced as a time when a series of breaches that involved Yahoo came to light. Still, the attack shouldn’t be underestimated as its implications may be more damaging than expected.

The first batch of notifications were sent to affected users in December last year, but as it appears this isnn’t the end of the saga.

Related: Yahoo Reports Another Billion Accounts Hacked

According to the US Securities and Exchange Commission filling the attackers that had access to Yahoo’s network in 2015 was actually state-sponsored. The attackers created fake cookies which enabled access to accounts without needing a password. Various account details could have been accessed as well. The incidents took place in 2015 and 2016. The cookies are now invalidated.

According to Jason Hart, Vice President and Chief Technology Officer at Gemalto, this news is both surprising and expected. He also adds that:

The company recommended that users consider adopting its Yahoo Account Key, an authentication tool that eliminates the need for a password. However, tools like this only work if the user remembers to activate them. Given the current security climate, all companies should have multi-factor authentication activated by default for all online accounts. Opt-in security is not an option in this day and age.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *