Yahoo said Wednesday that 32 million user accounts were compromised over the last two years by hackers using forged computer “cookies.” The web giant, already beset by two huge data breaches last year, said the latest intrusions were carried out by the “same state-sponsored actor believed to be responsible for the 2014 breach.” In that breach, 500 million accounts were accessed.
“Based on the investigation, we believe an unauthorized third party accessed the company’s proprietary code to learn how to forge certain cookie,” the company said about the latest breach. The cookies—a file that identifies users by giving a message to a web browser from a web server—are no longer active and do not pose a threat to accounts. Chief Executive Marissa Mayer lost her cash bonus for 2016 over the series of breaches, and she has also promised to give up any awards for 2017 because the incidents took place on her watch. Read more.