Share

Yahoo reveals more details about massive hack

San Francisco - Yahoo provided more details on Wednesday about an epic hack of its services, including that the culprits may have planted software "cookies" for ongoing access to users' accounts.

In revelations that could jeopardise the company's pending $4.8bn acquisition by US telecom giant Verizon, the internet pioneer said it was trying to pin down when it first knew its system had been breached and whether hackers gave themselves a way to get back into accounts whenever they wished.

"Forensic experts are currently investigating certain evidence and activity that indicates an intruder, believed to be the same state-sponsored actor responsible for the security Incident, created cookies that could have enabled such intruder to bypass the need for a password to access certain users' accounts or account information," Yahoo said in a filing with the US Securities and Exchange Commission.

There is no evidence the state-sponsored actor is still active in the California-based company's network, Yahoo told regulators.

Investigators are also trying to figure out how much people at Yahoo knew about the hack in late 2014, when the breach took place, according to the filing.

Yahoo announced the breach in September, saying it affected at least 500m customers.

Stolen user information included names, email addresses and answers to security questions, but did not include payment card data or unscrambled passwords, according to Yahoo.

The company warned users after checking into a hacker's claim of having stolen data.

Yahoo said in the SEC filing that law enforcement officials this week shared more data that a hacker claimed was pilfered from Yahoo, saying it was checking the authenticity.

There have been 23 lawsuits filed on behalf of Yahoo users claiming they were harmed by the hack, according to the filing.

A Verizon executive overseeing the purchase of Yahoo said last month that the deal was moving ahead pending the outcome of an investigation into the hack.

"We are not going to jump off a cliff blindly, but strategically the deal still does make sense to us," Verizon executive vice president Marni Walden said at a technology conference in California.

"What we have to be careful about is what we don't know."

He declined to comment on what information or circumstances might cause Verizon to walk away from the deal inked in July.

The company said earlier this month that the breach affecting Yahoo customers could have a "material" effect on the acquisition. Yahoo also warned of the possibility in its filing.

The use of the term "material" suggests a substantive change in Yahoo's value that was not previously known, and which could allow the telecom group to lower its offer or scrap the deal.

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.89
+0.3%
Rand - Pound
23.87
+0.1%
Rand - Euro
20.38
+0.2%
Rand - Aus dollar
12.32
+0.1%
Rand - Yen
0.12
+0.2%
Platinum
908.05
0.0%
Palladium
1,014.94
0.0%
Gold
2,232.75
-0.0%
Silver
24.95
-0.1%
Brent Crude
87.00
+1.8%
Top 40
68,346
0.0%
All Share
74,536
0.0%
Resource 10
57,251
0.0%
Industrial 25
103,936
0.0%
Financial 15
16,502
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders