Yahoo Breached Again
Posted by: Timothy Weaver on 02/16/2017 11:46 AM
[
Comments
]
Yahoo announced on Wednesday that they have been hacked again.
Yahoo and researchers have said that this new hack was said to be related to the use of "forged cookies" – data strings used across the web that can enable access to web accounts without re-entering a password.
"Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account," read the statement from Yahoo.
It is not known how many users accounts were affected. But this latest round of hacking is said to have played a major role in the acquisition by Verizon.
Reports state that the price that Verizon is willing to pay for the web giant may have been reduced by $250 - $350 million. In addition, Verizon and Yahoo will split the cost of fallout resulting from the breaches.
The litany of investigators into the hack includes federal, state, and foreign governmental officials and agencies, including the U.S. Federal Trade Commission and the U.S. Securities and Exchange Commission as well as the FBI.
"This trickling out of breach notices undermines the whole purpose of breach notification laws: afford consumers the ability notice such that they can act to protect their identities," Mike Overly, a partner in the cybersecurity practice at Foley & Lardner LLP, told SC Media on Wednesday. "When months and sometimes years pass, that purpose cannot be fulfilled and the breach notification becomes a useless fiction. Any potential harm that could be done, has been done. This is the security equivalent of closing the barn door after the horse has escaped."
Jason Hart, CTO of data protection at Gemalto, said: "Now, it only remains to see how much more of a discount Verizon may ask for.”
Source: SCMagazine
Yahoo and researchers have said that this new hack was said to be related to the use of "forged cookies" – data strings used across the web that can enable access to web accounts without re-entering a password."Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account," read the statement from Yahoo.
It is not known how many users accounts were affected. But this latest round of hacking is said to have played a major role in the acquisition by Verizon.
Reports state that the price that Verizon is willing to pay for the web giant may have been reduced by $250 - $350 million. In addition, Verizon and Yahoo will split the cost of fallout resulting from the breaches.
The litany of investigators into the hack includes federal, state, and foreign governmental officials and agencies, including the U.S. Federal Trade Commission and the U.S. Securities and Exchange Commission as well as the FBI.
"This trickling out of breach notices undermines the whole purpose of breach notification laws: afford consumers the ability notice such that they can act to protect their identities," Mike Overly, a partner in the cybersecurity practice at Foley & Lardner LLP, told SC Media on Wednesday. "When months and sometimes years pass, that purpose cannot be fulfilled and the breach notification becomes a useless fiction. Any potential harm that could be done, has been done. This is the security equivalent of closing the barn door after the horse has escaped."
Jason Hart, CTO of data protection at Gemalto, said: "Now, it only remains to see how much more of a discount Verizon may ask for.”
Source: SCMagazine
Comments
