This is becoming a joke of very bad taste. Today Yahoo is informing some users of its service that its accounts and information have been compromised. It is a new attack that would have put at risk personal data of an unspecified number of accounts.
On Wednesday, Yahoo has sent emails to users stating that their data had been exposed since someone has entered the profiles without the need for a password, which would have happened between 2015 and 2016. The difference between the two previous megafiltrations is that now Yahoo has only limited to contact the affected and has not made public the attack, so it is unknown the amount of accounts stolen.
Yahoo as an example of poor security management
What is really serious about all of this is that Yahoo is informing those affected that the attackers could enter their accounts without having to know the passwords, this due to the creation of 'false cookies', which they had already made known in The second hack. These fake cookies, or falsified cookies, acted as snippets of code hosted in the browser cache, which made it possible for the attacker to enter the user's profile in a simple way without having to write a single data.
According to Yahoo, during the progress of their investigation, published when the second attack was announced, they became aware of the existence of these fake cookies, which were reported to have been deactivated. However, everything seems to indicate that before such deactivation were part of this third attack.
We must remember that we are facing the biggest leak in Internet history. The first occurred in 2014 affecting 500 million profiles, which was announced last September, while the second one would have affected the personal data of at least 1 billion accounts during August 2013. And now, we have a third access Which would have been carried out between 2015 and 2016, stealing data associated with an unspecified number of accounts.
Verizon near getting a cut in the purchase price of Yahoo
Due to the serious security problems Yahoo has faced, rumors have surfaced that Verizon is looking for ways to cancel the purchase of the company, or at least reduce the sale price. This information has come up twice after the announcement of each leak, and earlier this morning, before the third leak was released, Bloomberg mentioned that Verizon had gotten a discount on the sale price.
The information pointed to a reduction of between 250 and 350 million dollars, directly affecting the price agreed for $ 4.83 billion, being just over $ 4.6 billion. This price reduction would come with the condition that Verizon shares legal responsibility before the wave of lawsuits approaching Yahoo, something that the operator sought to remove from the deal to leave Yahoo solely responsible for what could happen as a result of The hacks.
Here it should be mentioned that so far this information has not been confirmed, and even Verizon declined to offer comments on it.