Cyber

Yahoo will warn users of state-sponsored attacks

Following the lead of some other top tech companies, Yahoo will begin to notify users if they believe their accounts have been targeted by state-sponsored attackers.

By Greg Otto

December 22, 2015

Following the lead of some other top tech companies, Yahoo will now notify users if they believe their accounts have been targeted by state-sponsored attackers.

In a blog post on Yahoo Security’s Tumblr page, Chief Information Security Officer Bob Lord said that if users are suspected of being targeted, they will be prompted to turn on two-step verification or Yahoo’s Account Key — where verification is done by push notifications on Yahoo’s mail app —to access their account. They will also be told to review all information that is stored and to check their settings to make sure attackers did not set up a rule to forward emails to an outside address.

“It’s important to note that if you receive one of these notifications, it does not necessarily mean that your account has been compromised,” Lord writes. “Rather, we strongly suspect that you may have been a target of an attack, and want to encourage you to take steps to secure your online presence.”

Lord also added any notification does not indicate that Yahoo’s internal systems have been breached.

The notification systems come as other popular services are moving to secure their users’ accounts. In October, Facebook announced a similar policy.

Earlier this month, Twitter started notifying users they believed have been targeted by hackers who were looking to break into their accounts.

Yahoo’s mail service is one of the most popular email services in the world. As of January 2014, there were 273 million Yahoo mail accounts worldwide, including 81 million in the U.S.

Yahoo will warn users of state-sponsored attacks

More Like This

Federal cyber officials search for funding solutions to keep up with growing demands

White House official: Next phase of zero trust will focus on operations

MITRE’s Federal AI Sandbox will focus on critical infrastructure, weather modeling, social services

Top Stories

SSA database to flag synthetic identity fraud has cost issues, GAO finds

Data, talent, funding among top barriers for federal agency AI implementation

Government websites aren’t created equal. GSA’s 10x program aims to change that

Announcing the 2024 FedScoop 50

House Republicans probe NIST on facial recognition for federal digital identity verification

White House’s final ‘Trust Regulation’ aims to bolster confidence in federal statistics

CISA official: AI tools ‘need to have a human in the loop’

Login.gov announces availability for facial recognition technology

More Scoops

Identity-focused attacks remain the most vulnerable entry point to an organization

Army’s futuristic IVAS headset could be a waste of $22B without user acceptance, IG warns

TMF awards $9M for 2 projects at smaller agencies

How finance regulatory agencies can help the sector mitigate security risks

Imposter email attacks: Overcoming ‘needle-in-a-haystack’ threats

Cyber defense strategies that focus on protecting people

New guidelines from NIST on how to avoid cyberattacks from a nation-state

Latest Podcasts

A look at next week’s hearing on unidentified anomalous phenomena

Login.gov launches facial recognition option; the White House issues final Trust Regulation

HHS is working on a new AI strategic plan; Budget woes for government’s science and technology efforts

Meet the winners of the 2024 FedScoop 50; And, how the DOE sees itself counteracting the AI industry’s ‘profit motive’

Tech

Defense

Cyber

FedScoop TV