On Tuesday, Yahoo announced every single one of their accounts was affected by a data breach that occurred in 2013.
Last year, Yahoo disclosed that one billion of its three billion accounts had been compromised. The breach allowed hackers to steal email addresses, passwords, birth dates, telephone numbers and more. This new finding was added to its Account Security Update page. Yahoo said it found out about the wider breach through new intelligence obtained during the company’s integration into Verizon.
In a statement, Yahoo said: “It is important to note that, in connection with Yahoo’s December 2016 announcement of the August 2013 theft, Yahoo took action to protect all accounts. The company required all users who had not changed their passwords since the time of the theft to do so. Yahoo also invalidated unencrypted security questions and answers so they cannot be used to access an account.”
Yahoo said it will begin notifying accounts that weren’t previously notified of the attack.