Yahoo was busy investigating the huge breach that exposed more than 1 billion user accounts, and now the company has found that some potentially malicious activity was identified on the website between 2015 and 2016. The company revealed on Wednesday that it has issued a warning notification to all the users, but it has not specified how many users have been affected. Still, Yahoo is certain that user accounts were compromised during the mentioned time period. This notorious activity is believed to have been carried out using forged cookies.
The warning notification that is sent by Yahoo to affected users is as follows:
“Based on an on-going investigation, we believe that a forged cookie may have been used back in 2015 or 2016 to access your account.”
Yahoo told the Guardian that it first reported the forged cookie issue back in November 2016 and addressed it in its December 2016 security update, but some users are being notified this month. A Yahoo spokeswoman said that after investigating the issue, the company found user accounts for which the forged cookies were used. But, “Yahoo is in the process of notifying all of potentially affected account holders. Yahoo has invalidated the forged cookies so they cannot be used again,” she added.
We know that last year Yahoo revealed the involvement of a state-sponsored actor in stealing the private data of more than 500 million users in a mega-breach that occurred between 2013 and 2014. The stolen data includes important private details such as dates of birth, email IDs and security question answers of the users. This particular breach was utterly devastating for Yahoo since it raised concerns and questions about the security measures employed by the company.
The data breach also sabotaged the deal between Yahoo and Verizon Communications in which the former was supposed to sell its email service, mobile apps and websites to the latter.