LONDON – Yahoo is warning users of potentially malicious activity on their accounts between 2015 and 2016. It’s the latest development in the internet company’s investigation of a mega-breach that exposed 1 billion users’ data several years ago.
It’s not clear how many users were affected by the malicious activity, which involved the use of forged cookies – strings of data which can be used to allow people to access online accounts without re-entering their passwords.
WATCH: Verizon gets Yahoo at a discount because of economic damage the Internet pioneer suffered from data breaches
Yahoo said in a statement issued Wednesday that its investigation “has identified user accounts for which we believe forged cookies were taken or used. Yahoo is in the process of notifying all potentially affected account holders.”
The company declined to say how many people were potentially affected.
According to emails shared by Yahoo users, the company has connected the breach to the same state-sponsored actor connected to an attack against the company announced in September 2016. In that case, as many as 500 million accounts were affected.
The data stolen in that breach was said to include names, email addresses, telephone numbers, dates of birth and hashed passwords.