Yahoo says 32m user accounts were accessed via cookie forging attack
Asha McLean reports:
Yahoo has said that an unauthorised third party accessed the company’s proprietary code to learn how to forge certain cookies, which it said resulted in an intruder accessing approximately 32 million user accounts without a password.“The outside forensic experts have identified approximately 32 million user accounts for which they believe forged cookies were used or taken in 2015 and 2016,” Yahoo disclosed in its annual report, filed with the US Securities and Exchange Commission (SEC) on Wednesday.
Read more on ZDNet.
In related news, read Kara Swisher’s report on Recode: Yahoo’s head lawyer is taking the fall for its hacking, while CEO Marissa Mayer is getting her pay docked