Skip to main content
  1. Home
  2. Computing
  3. News

Yahoo is warning users over state-sponsored cookie-forging attacks

Add as a preferred source on Google

Yahoo’s security woes continue with the company sending out a fresh warning to users over hacked accounts at the hands of allegedly state-sponsored actors.

In an email to users, Yahoo said it has identified evidence of cookie-forging attacks on some accounts, which would allow attackers to access an account without re-entering a password. The email was only sent to accounts that Yahoo believes have been affected by these intrusion attempts so we don’t know how many people have been impacted.

Recommended Videos

“Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password,” the email reads. “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.”

It is believed that hackers obtained Yahoo’s source code for creating cookies. The company’s forensics team has invalidated any corrupted cookies it found.

It’s not clear what evidence Yahoo has to suggest these cookie forging attempts were state-sponsored. However, Yahoo has been the victim of at least two major hacks that were disclosed in the last few months for which it pointed the finger at possible hackers acting on behalf of a government.

The numerous data breaches at the web firm included 500 million accounts compromised in 2014 and up to 1 billion accounts compromised in 2013. But it wasn’t until last year that these mega breaches — as they’ve been dubbed — came to light. Yahoo is now currently under investigation by the Securities and Exchange Commission over why it waited years before disclosing the details of the hacks.

The security blunders could be costly for Yahoo as Verizon, its purchaser, has since sought a price tag reduction between $250 million and $350 million (off the original $4.83 billion offer), as it was unaware of these breaches when the offer was made.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
How to install macOS 27 Golden Gate public beta on your Mac?
From a smarter Siri to a more reliable Spotlight, here's your full walkthrough for installing macOS 27 Golden Gate's public beta today.
macOS 27 Golden Gate

Along with iOS 27’s public beta, Apple has also released macOS 27 Golden Gate’s public beta build, so that early adopters can get their hands on the new features, including Siri AI, and provide timely feedback to help ensure a stable iOS launch in September. 

If you’re sold on all the new features but don’t want to put your faithful MacBook through developer beta duty, a public beta offers a much more refined experience. To install macOS 27’s public beta, follow the steps given below. 

Read more
Microsoft is finally fixing the worst thing about Windows Search, but you can’t try it just yet
Windows Insiders in the Experimental channel are getting a Search experience that finally feels less of a billboard and more of what users actually need.
Page, Text, Person

Windows Search has been a mess for years, and I do not use that word lightly. Open it to find a file, and you get trending Bing topics, Microsoft Store promotions, and an AI tools tile that just opens a browser. 

That is changing, but not immediately for all users. Microsoft is rolling out a batch of Windows Search improvements to Insiders in the Experimental channel, and for once, this isn't just a fresh coat of paint.

Read more
Apple doesn’t want to share this AirPods feature with Meta, but the EU may force its hand
Spring 2027, EU only, built under DMA pressure.
The front of the Ray-Ban Meta smartglasses.

I’ve been an AirPods user for the last four years, and one of the things that makes it genuinely hard to leave behind is the seamless, almost magical pairing experience across devices. Open an AirPods case near your iPhone, and a pop-up appears within seconds. Switch to your Mac and the audio follows. 

However, the experience is limited only to Apple devices. Doesn’t matter whether you have one of the coolest pieces of tech on the market right now; if it’s not Apple, it won’t get the same treatment. However, that might change for the Meta Quest or the Ray-Ban Meta glasses, thanks to pressure from the EU. 

Read more