informa
/
News

Yahoo Now Alerting Users Of State-Sponsored Hacks

Yahoo will begin warning its users when the company suspects that customers' accounts have been targeted by state-sponsored hackers. Twitter and Facebook have already started similar alert systems.
7 Hot Advances In Email Security
7 Hot Advances In Email Security
(Click image for larger view and slideshow.)

First, Facebook, and Twitter started alerting users. Now, Yahoo is planning to notify its customers if the company suspects that their accounts have been hacked by parties working on behalf of governments.

These new Yahoo notifications will provide targeted users with specific actions they can take to help ensure that their Yahoo accounts are safe and secure.

A Dec. 21 blog post by Bob Lord, Yahoo's chief information security officer, explained some of the actions users should take immediately if contacted by Yahoo in this case.

The blog post explains that if a user receives a message from Yahoo regarding a suspected hack by state-sponsored actors, users should turn on the account key, or two-step verification, to approve or deny sign-in notifications, in order to grant or refuse access to the user's account.

Lord also recommends choosing a strong, unique Yahoo account password that has never been shared or used before. He also asks users to review the company's guidelines for creating a strong password and change the account's old password.

Users should also check that their account recovery information, such as a phone number or alternate recovery email address, is up-to-date and that they still have access to them. They should remove ones that they no longer have access to or don't recognize.

Lord wrote that users should also check mail forwarding and reply-to settings, since hackers could edit these settings to receive copies of emails that users send or receive. Finally, users are also asked to review their recent activity in account settings for sessions they don't recognize.

"We're committed to protecting the security and safety of our users, and we strive to detect and prevent unauthorized access to user accounts by third parties," Lord wrote. "As part of this effort, Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored actor. We'll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks."

Lord also cautioned that it's important to note that, should a user receives one of these notifications, it does not necessarily mean that the account has been compromised. Rather, it suggests that Yahoo strongly suspects that the user may have been a target of an attack.

The purpose of the notification is to encourage users to take steps to secure their online presence. These warnings to Yahoo users do not indicate that Yahoo's internal systems have been compromised in any way.

[Read about the backlash against Yahoo because of ad blocking.]

"In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks," Lord explained. "However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence."

In October, social media giant Facebook announced it would start notifying its users if the social networking company suspects an account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state.

Earlier this month, Twitter warned dozens of activists, researchers, nonprofits, and journalists that their accounts on the social media site have been targeted by nation-state hackers.

**Elite 100 2016: DEADLINE EXTENDED TO JAN. 15, 2016** There's still time to be a part of the prestigious InformationWeek Elite 100! Submit your company's application by Jan. 15, 2016. You'll find instructions and a submission form here: InformationWeek's Elite 100 2016.