Yahoo! Inc, one of the biggest Internet companies during its heyday, has now revealed that a hack from August 2013 stole data associated with over a billion user accounts.
It was September 2016 when Yahoo! revealed that 500 million user accounts were targeted and affected due to a comprehensive cybersecurity breach. Now, the company has revealed another hack that takes the mantle of the biggest breach of all time.
An investor release from the company read:
Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.
Adding to the bleak reading, Yahoo admits that it hasn’t been able to ascertain or identify the reason or intrusion associated with the theft. To be absolutely certain that this incident is unrelated to the earlier hack, Yahoo said “this incident is likely distinct from the incident the company disclosed on September 22, 2016.
The stolen information “may” have included user account information such as email addresses, telephone numbers, hashed passwords, dates of birth and even encrypted or unencrypted security questions and answers. Yahoo claims that its investigation into the hack shows no indication of passwords in clear text, bank account information or payment card data.
Somewhat uncertainly, the company added:
Payment card data and bank account information are not stored in the system the company believes was affected.
Yahoo has confirmed that it is reaching out to notify potentially affected customers and is taking measures to change login credentials by requiring users to change passwords. Notably, the company has also disabled unencrypted security questions and answers as a means to accessing its accounts.
The company is urging users to review their online accounts for any suspicious activity and is recommending that they change their passwords and security questions and answers for other online accounts sharing the same credentials with their Yahoo account.
Image credit: Pixabay.