Yahoo Confirms Cookie-Forging Attack Led to Breach
In an SEC filing, Yahoo has confirmed that a cookie-forging attack led to a data breach involving more than 32 million accounts in 2015 and 2016. The actual filing said, “Based on the investigation, we believe an unauthorized third party accessed the Company’s proprietary code to learn how to forge certain cookies. The outside forensic experts have identified approximately 32 million user accounts for which they believe forged cookies were used or taken in 2015 and 2016 (the “Cookie Forging Activity”). We believe that some of this activity is connected to the same state-sponsored actor believed to be responsible for the 2014 Security Incident. The forged cookies have been invalidated by the Company so they cannot be used to access user accounts.”
In response to the attack, CEO Marissa Mayer announced that she was taking full responsibility for the attack and that instead of receiving her annual bonus and equity grant, she would have it distributed among Yahoo’s employees.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...