IT Security: Yahoo hackers accessed 32 million accounts with forged cookies

The company admitted execs ‘failed to act’ on knowledge of breaches in 2014

In a regulatory filing, Yahoo revealed some additional details about data breaches that have affected over a billion accounts. Among that information is the news that hackers who obtained Yahoo’s code and were able to create their own cookies were able to access 32 million accounts through 2015 and 2016. Additionally, the 10-K statement provided to the SEC says that Yahoo notified 26 individuals and consulted with law enforcement after it became aware that state-sponsored hackers had exploited its account management tool for access.

Yahoo publicly revealed the extent of these breaches in December, but admits in the report that in 2014 “it appears certain senior executives did not properly comprehend or investigate, and therefore failed to act sufficiently upon, the full extent of knowledge known internally by the Company’s information security team.”

As a result of the investigation, its board has decided that CEO Marissa Mayer will not receive a cash bonus she was to receive for 2016, while general counsel Ronald S. Bell resigned. As a result of the revelations that account information had been stolen, which Mayer says she became aware of in September of last year, Verizon cut $350 million from its offer to acquire Yahoo.

For more information and a personalized IT Solutions business offer, please contact us.