New
#1
Exactly why I got rid of my Yahoo account back last Fall/Winter. Didn't want to chance it and besides really haven't used it over the years.
Tks 4 sharing that article Brink
Yahoo is warning some customers that state-sponsored attackers have accessed their accounts by using a sophisticated cookie forging attack, which doesn't require obtaining user passwords.The notice is a continuation of the company's response to a series of historic data breaches announced last year.
An email from Yahoo forwarded to ZDNet said:
"Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users' accounts without a password. Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account."
A handful of others on Twitter also confirmed they had received an identical email notification.
Yahoo confirmed the notifications were genuine.
"The investigation has identified user accounts for which we believe forged cookies were taken or used. Yahoo is in the process of notifying all potentially affected account holders," a spokesperson confirmed...
Read more: Yahoo warning users that hackers forged cookies to access accounts | ZDNet
Exactly why I got rid of my Yahoo account back last Fall/Winter. Didn't want to chance it and besides really haven't used it over the years.
Tks 4 sharing that article Brink
Too late for me.
Hackers must have downloaded all of the emails in one of my accounts (back in 2014?).
I just got an email (using my name) from some site called "pchome.com.tw".
It was also sent to all of people that I have received emails from (up to 2015).
None of the recent email addresses (from new correspondents) were in the recipients list, which is why I think that they must have acquired the emails several years ago.
I wonder why they waited so long to use them?
Where can we learn what this forging is and what countermeasures can be taken against it? Is this unique to Yahoo, or a web account problem of a more general nature?
Oh, I see...
Yahoo: One Billion More Accounts Hacked — Krebs on Security
Never used yahoo except as 'play' email accounts so far no more spam than usual, have separate .org accounts for business only use, except for the Ashley Madison boondoggle in which that account was three jobs and two cities ago. So all the hackers got there was very obsolete info on me from what is practically the dark ages, net wise. Only the odd extortion attempt which was forwarded to the real FBI and a counter-threat to the would-be extortionist that I hoped that a black-ops team would come to knock his door down and kill his n- ass! Peace ever since. All you gotta do is set Thunderbird or Navigator[if anyone still uses it] or any other to view message source code, then you can read where it originally came from and whether anon mail services were used. If the latter, there are ways to find the true origins, but that's for another time.
BTW Yahoo keeps bugging me via the one email addy to change the pw, but already did that ages previous to their reminders.