Yahoo said this week it will begin notifying users who the Internet company believes are having their accounts targeted by state-sponsored hackers, following in the footsteps of recent decisions made by Facebook and Twitter.
Bob Lord, the chief information security officer with Yahoo, said in a blog post on Tuesday that account holders will now be asked to authorize suspicious login attempts, implement new passwords and take other precautionary measures if the company suspects they’re account has been attacked by foreign cybercriminals.
“We’re committed to protecting the security and safety of our users, and we strive to detect and prevent unauthorized access to user accounts by third parties. As part of this effort, Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored actor,” Mr. Lord said.
“It’s important to note that if you receive one of these notifications, it does not necessarily mean that your account has been compromised. Rather, we strongly suspect that you may have been a target of an attack, and want to encourage you to take steps to secure your online presence,” he continued, adding that the warnings shouldn’t be misconstrued to suggest Yahoo’s internal systems have been compromised, but rather more of an alert that will be rolled-out to specific users if the company becomes aware of any unusual account activity.
Yahoo’s decision to notify users of apparent state-sponsored hacks follows similar measures taken in recent months by social networking services Twitter and Facebook, and comes more than two years after Google implemented a similar feature.
The New York Times reported last month that staffers with the U.S. State Dept. had recently become the targets of cyberattacks waged over Facebook, and that the government had only become aware of the campaign after Facebook began notifying users of alleged state-sponsored hacks. Twitter began warning users two weeks ago of similarly suspicious activity, and several account holders who work in the fields of digital security have reported in the days since that they had received messages from the microblogging service.
As with other companies, Yahoo declined to identify the process it will rely on to locate alleged state-sponsored attacks, but said “rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.” Yahoo’s free email service boasted 273 million users as of February 2014, including roughly 81 million within the United States.