Verizon-owned Yahoo today announced through an official post confirming that the massive data breach which took place in August 2013 affected not just one billion, but every single user connected to its service.
The new number is up from a previously reported one billion figure to a hefty three billion user accounts. So if you happen to own a Yahoo account, and did not previously receive an email for a password change, it may already be too late to change it right now as it was also a part the security breach.
Yahoo was already too late when it announced details of the massive security breach which reportedly took place in 2013. It was a good three years, when the internet company announced the first details of the impact of the breach in December, 2016. Back then, Yahoo announced that more than a billion user accounts were compromised, exposing details like names, emails, hashed passwords and more.
Back in 2016, Yahoo was involved in another data breach which it had announced a few months prior in September, 2016.
“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, Chief Information Security Officer, Verizon. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
Indeed, the internet brand will see a lot more lawsuits headed its way, but these will now have to handled by Verizon that acquired Yahoo for $4.48 billion (a lowered price due to the severity of the hacks). Yahoo now falls under Verizon Communication’s new division named Oath which also covers its other internet properties, like TechCrunch, Tumblr, HuffPost, Engadget and Ryot to name a few.
The statement from Yahoo, now managed by Oath, said, “Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft. While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts. The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information. The company is continuing to work closely with law enforcement.”