Yahoo is sending out warnings to its users that their accounts may have been compromised. Yahoo’s chief information security officer is telling users that forged cookies may have been used to access their accounts between 2015 and 2016.
“Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password,” according to an email obtained by ZDNet. “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account. We have connected some of the cookie forging activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on Sept. 22, 2016.”
Source: dailydot.com