Yahoo says all 3 bln accounts affected in 2013 breach

Yahoo says all 3 bln accounts affected in 2013 breach

Yahoo says all 3 bln accounts affected in 2013 breach

That's almost equal to half the people on Earth, although at least one IT security expert questions how many of those accounts represent unique users. Last December the USA firm said that around a third of its accounts had been compromised, however the company has now announced that every single one of its accounts had been breached.

Yahoo buried the stat in a recent update to its Account Security Update page. Other experts have advised users to activate two-factor authentication, although they offer conflicting recommendations on whether users should delete their accounts, with some warning that those accounts could be recycled and made available to new users.

Internet company Yahoo said Tuesday that all of its 3 billion user accounts were affected in a 2013 data breach - three times as many as it first reported late past year. The news briefly threatened Verizon's purchase plans, but the deal later went through for a reduced price. Yahoo was acquired by Verizon Communications four months ago. In addition, Yahoo says the hack didn't result in the theft of credit-card info or clear-text passwords.

"Yahoo is sending email notifications to the additional affected user accounts".

If you're having keeping track of the hacks, it's understandable; Yahoo had a separate data leak in 2014, which hit 500 million accounts.

To counter the breach, Yahoo required potentially affected users to change their passwords and invalidated unencrypted security questions and answers last December.

A Yahoo official emphasized Tuesday that the 3 billion figure includes many accounts that were opened but never or only briefly used.

Huge breaches of consumer online services like Yahoo have become more common over the past few years. "Undetected exfiltration of large amounts of data is a symptom of weak cryptography practices".

Related news