Yahoo believes that its system which stores debit/credit card and other banking related transactions have not been affected by the hack. It would be prudent for Yahoo account holders to take immediate precautionary measures to safeguard their financial transactions regardless of Yahoo’s disclosures.
In what is slated to be a double whammy for Yahoo Inc., the tech company has now disclosed that it has uncovered yet another massive cyberattack that has compromised more than 1 billion user accounts, making it the largest breach in history.
Verizon has reacted to this disclosure by stating, “we will review the impact of this new development before reaching any final conclusions.”
A spokesman for Yahoo said the company was confident that the news will not have an effect on the pending acquisition. Yahoo is cooperating with Verizon in its investigation.
Yahoo now requires all of its customers to reset their passwords.
Yahoo believes hackers were able to access its proprietary code and now knows how to forge “cookies” that would allow them to access accounts even without a password.
“Yahoo badly screwed up,” said Bruce Schneier, a cryptologist and one of the world’s most respected security experts.
“They weren’t taking security seriously and that’s now very clear. I would have trouble trusting Yahoo going forward.”
Yahoo has yet to identify the intrusion that led to the massive data theft.
Significantly, it has disclosed that payment-card data and bank account information were not stored in the system that were affected by the breach.
U.S. technology companies, including from Google, Facebook and other large companies were invited to meet President-elect Donald Trump in New York. Yahoo wasn’t invited to the summit, as per sources familiar with the meeting.
With the news hitting the market, Yahoo’s shares were down by 2.4% to $39.91 in extended trading.
Verizon’s shares were almost unchanged and closed at $51.63.