In a bizarre revelation, Yahoo has confirmed that more a billion of its user accounts were hacked. Worse yet, this had happened back in August 2013, according to the company. And in case you’re wondering, this data breach is separate from the one announced in September this year which had affected more than 500 million users in 2014.
Yahoo believes that the data of the more than a billion affected people includes their names, email addresses, telephone numbers, dates of birth and hashed passwords (using MD5). Moreover, in some cases it could also include encrypted or unencrypted security questions and answers. This is the reason why the company has invalidated these answers with immediate effect.
But there’s a good chance that the same security questions and answers have been used by affected people on other websites. It is hence advised that they change them immediately. Yahoo is currently reaching out to affected users; so they should received a message soon.
Much to the relief of Yahoo users, it has been mentioned that no payment card data and bank account information is included in the stolen data. As precautions, the company has asked its users to change their account passwords and security questions. Moreover, it has even advised them to check their other accounts for suspicious activity. They have been advised to be cautious about unsolicited communications and suspicious email attachments.
As a result of this revelation, Yahoo’s stock price has gone down by 2.5 percent in after-hours trading.