Many companies featured on Money advertise with us. Opinions are our own, but compensation and
in-depth research determine where and how companies may appear. Learn more about how we make money.

Published: Feb 16, 2017 2 min read
Company Signs
Yahoo corporate offices and headquarters in Sunnyvale, California.
Lisa Werner—Moment Editorial/Getty Images

Yahoo is at the center of another hacking incident — its third since 2013 — after the company discovered cyber attackers created "forged cookies" that can access user accounts without their login information. Yahoo told the Guardian that the forged cookies have been "invalidated" and cannot be used again, but the potentially malicious activity could still have implications for already-affected users.

Affected users are at risk of financial or identity fraud. Credit card information and personal details could be accessible through breached accounts.

Compromised accounts should have received an email from Bob Lord, Yahoo's chief information security officer, warning of the data security issue. The company said that almost every affected user had been notified as of Wednesday, but that investigations are still ongoing, the Guardian reports.

The number of affected users remains unknown. All Yahoo account owners should check to see if they've received Lord's email, which includes security recommendations for protecting accounts going forward. An affected account should be reviewed for suspicious activity and users should avoid responding to unsolicited messages.