Yahoo notifies users that hackers didn’t even need passwords to breach accounts
Seriously, are you still using Yahoo email services?
Yahoo is warning more of its users that their accounts might have still accessed by unauthorised parties.
Yahoo believes that malicious users, using the proprietary code stolen in the recent databreach, can forge cookies that would allow them to access accounts without needing a password:
My suggestion?
Migrate your e-mail to a more secure service or a self-hosted solution! :-)
References and articles
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]
[embed]http://www.usatoday.com/story/tech/news/2017/02/15/yahoo-notifies-users-forged-cookie-breach/97955438/[/embed]