Yahoo has had its fair share of data breach issues in recent years, and its most notable incident — the monstrous 2013 data breach that was believed to give hackers access to data from one billion accounts — was actually underestimated. The company now believes all three billion of its user accounts at the time were affected by that hack.
The company made the announcement on Tuesday. To be clear, this is not a new hack — just an update on the figures of the 2013 hack. Yahoo is basing the updated information on new intelligence and further investigation into the breach. New email notifications are being sent to the remaining affected user accounts, Yahoo claims.
Yahoo’s 2013 breach involved sensitive user information such as names, telephone numbers, and birthdates, as well as security questions and answers. Considering how similar many security questions are on websites across the internet, this made the breach even worse.
If you have a Yahoo account, you’ve likely changed your password since then, possibly even a number of times. But if you haven’t — or if it will make you feel more secure — it makes sense to change your password once again. Further information on the hack and subsequent responses can be found on Yahoo’s 2013 Account Security Update FAQs page.
Yahoo isn’t the only company announcing an increased number of hacked accounts in recent days. Equifax also recently confirmed that an additional 2.5 million additional U.S. customers were “potentially impacted” by the firm’s recent data breach.
Considering that Equifax’s initial release noted that 143 million U.S. adult consumers were impacted by the breach, it seems hard to believe that even more consumers could have been affected. The review also determined that roughly 8,000 Canadian consumers were affected by the breach.
We offered further information in the aftermath of Equifax’s breach, and that advice still stands. Check out our Reactions and Tips article for more details.