Yahoo will warn users of state-sponsored attacks
Following the lead of some other top tech companies, Yahoo will now notify users if they believe their accounts have been targeted by state-sponsored attackers.
In a blog post on Yahoo Security’s Tumblr page, Chief Information Security Officer Bob Lord said that if users are suspected of being targeted, they will be prompted to turn on two-step verification or Yahoo’s Account Key – where verification is done by push notifications on Yahoo’s mail app -to access their account. They will also be told to review all information that is stored and to check their settings to make sure attackers did not set up a rule to forward emails to an outside address.
‘It’s important to note that if you receive one of these notifications, it does not necessarily mean that your account has been compromised,’ Lord writes. ‘Rather, we strongly suspect that you may have been a target of an attack, and want to encourage you to take steps to secure your online presence.’
Lord also added any notification does not indicate that Yahoo’s internal systems have been breached.
The notification systems come as other popular services are moving to secure their users’ accounts. In October, Facebook announced a similar policy.
Earlier this month, Twitter started notifying users they believed have been targeted by hackers who were looking to break into their accounts.
Yahoo’s mail service is one of the most popular email services in the world. As of January 2014, there were 273 million Yahoo mail accounts worldwide, including 81 million in the U.S.