Yahoo Hacked... Again
Yahoo said on Wednesday it had discovered another major cyber attack, saying data from more than 1 billion user accounts was compromised in August 2013, making it the largest breach in history.
The number of affected accounts was double the number implicated in a 2014 breach that the internet company disclosed in September. The Yahoo blamed that breach on hackers working on behalf of the government.
“An unauthorized party” broke into accounts, Yahoo said in a statement posted on the website. The company believes the two hacks are connected and that the breaches are “state-sponsored.”
Yahoo’s chief information security officer, Bob Lord, said the hackers used “forged cookies,” or bits of code that stay in the user’s browser cache so that a website doesn’t require a login every time you visit it. The cookies “could allow an intruder to access users’ accounts without a password.” The breach may be related to theft of Yahoo’s proprietary code, Lord added.
Yahoo had been investigating this hack since November and said the stolen user account information may have included names, emails addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.