According to Yahoo!, the hackers used text files that track user preferences, commonly known as ‘cookies’ in tech circles, to get into some accounts. The use of cookies allowed hackers to avoid using passwords to gain access.
Yahoo! says it is currently contacting affected customers. This is the latest in a series of company breaches dating back to last year. Data thefts reported in September and December compromised 500 million and one billion records respectively.
Yahoo! says it has invalidated the forged cookies so they cannot be used again.