by Staff Writers
San Francisco (AFP) Feb 15, 2017
Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords.
The latest notifications were in response to the record breach disclosed late last year affecting an estimated one billion users -- which involved forging of "cookies" or files used to authenticate users when they log into their accounts.
The notification indicates the investigation into the attacks are in the final stage, according to a source familiar with the matter, noting that messages had been sent to "a reasonably final list" of Yahoo users.
A Yahoo spokesman said the company was notifying all potentially affected users and that it had "invalidated" the forged cookies.
"As we have previously disclosed, our outside forensic experts have been investigating the creation of forged cookies that could have enabled an intruder to access our users' accounts without a password," the company said in a statement.
"The investigation has identified user accounts for which we believe forged cookies were taken or used."
Yahoo announced in September that hackers in 2014 stole personal data from more than 500 million of its user accounts. It admitted another cyber attack in December, this one dating from 2013, affecting more than a billion users.
The data breaches have been a major embarrassment for a former internet leader that is in the process of selling its core operations to telecom giant Verizon for $4.8 billion.
Some reports Wednesday said the two companies had agreed to discount the price by $250 million to $300 million following disclosure of the attacks.
Neither Yahoo nor Verizon commented on the reports.
Yahoo is selling its main operating business as a way to separate that from its more valuable stake in Chinese internet giant Alibaba.
The share-tending entity, to be renamed Altaba, Inc., will act as an investment company.
Cyberwar - Internet Security News - Systems and Policy Issues
|The content herein, unless otherwise known to be public domain, are Copyright 1995-2017 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement|