Yahoo has a reputation of not handling its business with enough respect to its users. A couple years back, you can recall, the company intentionally failed to disclose about major breaches which led to exposure of thousands of credentials. Now, they are attempting to fix their reputation little by little, starting with today’s announcement. Surprisingly, the company did not make a public statement, but rather contacted every user personally. In fact, there are still so many unanswered questions about this incident. For example, why did Yahoo stood silent once again? This is rather disturbing, considering the fact that the warnings about this threat first emerged back in December of 2016. Now, over 2 months later, Yahoo sends alarming letters more actively. Does this mean that the attack is especially huge and can target almost anyone?
Yahoo warns its user community that an unknown amount of accounts might have been entered by a third-party. As it was explained, crooks had the effrontery to invade accounts without typing in passwords into the required slots. An opportunity to access accounts without using credentials occurred when hackers managed to create fake cookies while using proprietary codes. In the message about this threat, it is explained that Yahoo’s outside forensic experts have been analyzing the case and the generation of forged cookies. According to their discoveries, malicious attacks could have taken place between 2015-2016. The attack is explained to have been implemented by the same hackers that initiated the gigantic breach of 500million Yahoo clients which occurred in 2014. The same people, after the same thing: when will it end?
Yahoo advises its users to use precautionary measures to determine whether their accounts are not being tampered with. Keep an eye on them. Nevertheless, this seems to be just another rock in the garden of Yahoo. We can only imagine the amounts of people that will switch to more secure, or the ones that are just more lucky than Yahoo, services. Somehow, hackers are fond of targeting it and do not plan to leave it alone. If you are worried about account safety, we do recommend selecting another service to operate with. That is if you feel uncomfortable with Yahoo and would rather have nothing to do with it. We hope that more light is going to be shed on this matter and Yahoo will stop suffering from security issues. Quite recently the current owners started to negotiate with Verizon, but whether the company will buy Yahoo is still unclear.
Source: tripwire.com.
