Yahoo cookies not very palatable

      Comments Off on Yahoo cookies not very palatable

Yahoo cookies not very palatableAttention all Yahoo account holders – you are not out of the woods yet. The cyber crooks who famously hacked Yahoo in 2015 and 2016 (and possibly 2013 too) succeeded in forging its website’s session cookies, which allowed them to log into potentially one billion user accounts without even needing to type in a password.

In a recent notification email to affected users, both commercial and private subscribers are being urged to initiate two-factor authentication and to keep a close eye on their accounts. There are also calls for multi-factor authentication to be activated by default for all online accounts.

Yahoo is busy notifying all affected account holders and has invalidated the forged cookies, but the image of a closed stable door and a horse disappearing into the distance still lingers…

Read more at http://www.theregister.co.uk/2017/02/16/yahoo_forged_cookie_hack_risk/

Share