The Yahoo 2013 breach was even worse than we reported. Back in December 2016, Yahoo reported that about one billion accounts may have been exposed to hackers who they say may have also stolen use data like passwords and phone numbers. That figure is now 3 billion according to Yahoo’s new parent company Verizon and what this simply means is that nearly all user accounts may have been exposed.
In a statement, Yahoo said;
It is important to note that, in connection with Yahoo’s December 2016 announcement of the August 2013 theft, Yahoo took action to protect all accounts. The company required all users who had not changed their passwords since the time of the theft to do so. Yahoo also invalidated unencrypted security questions and answers so they cannot be used to access an account.
The company now says it will begin notifying the other 2 billion accounts that were not notified before. If you have a Yahoo account, it just means that some bad actors somewhere may be in possession of your email, phone number, birthday information and password among others. In the world we live in today, these data is what someone needs to know just about anything about you. For example, social media sites now allow people search for you using your phone number and/or email address and once that’s done, they can check you out on social media and find out just what you like, what you do and the friends you keep. Yes, that’s how scary it is.
The other part is that they sell the data on the dark web at really low prices. But as a user, you should login to your Yahoo account and update your password and hope it doesn’t happen again – even it’s beyond your control.
The maybe good news in all of this is that the stolen data doesn’t include payment information and bank details of users or passwords in clear text for that matter.
Yahoo said it will begin alerting accounts that weren’t previously notified of the attack.
Yahoo is now part of Verizon under the new name Oath.