Yahoo suffered from a cyber-attack incident that technically tricked cookies into users' logging account passwords.
Yahoo investigated the incident and asked those affected by the attack to log into their accounts without passwords.
Source: https://www.zdnet.com/article/yahoo-says-32m-user-accounts-accessed-via-cookie-forging-attack/
TPRM report: https://scoringcyber.rankiteo.com/company/yahoo
"id": "yah11136722",
"linkid": "yahoo",
"type": "Breach",
"date": "02/2017",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"