Yahoo’s 2013 Hack Gave Up Details of All 3 Billion Accounts

Back in 2013 hackers broke into a database that held username and password data for users of Yahoo and related services. When the breach was originally reported in 2016 it was thought that only 1 billion accounts were swiped in the breach. The company is now stepping up and saying that the breach was much worse than it thought.

Yahoo was purchased by Verizon and is now part of Oath, that deal cost Verizon $4.5 billion. During the integration with Oath it was discovered that rather than “only” 1 billion account details having been stolen, Yahoo’s entire user base of 3 billion accounts was breached. The search firm did remind users that it took steps last year to protect all user accounts.

Users who were part of the breach last year were notified and required to change passwords and invalidated unencrypted security questions and answers. This would prevent hackers from using the data on its site or services.

Yahoo says that no additional action is required on its part to defend its users from hacking activity reports TechCrunch. The catch is that if you use the same username and password elsewhere online, the hackers could well breach your other accounts. Oath can’t be too happy about this discovery, Yahoo was sold on a $350 million discount because of the breach when it was thought to have affected only 1 billion users.