The company has disclosed a hack that took place way back in August 2013, in which hackers obtained data from a stunning 1 billion accounts. Yahoo claims this information could include names, email address, phone numbers, dates of birth, encrypted passwords, and even the answers to some security questions, both encrypted and unencrypted.
It’s currently unknown exactly how this hack happened, as well as why it took so long for anyone to find out about it. Yahoo itself apparently didn’t learn about the hack until it began investigating the September hack — but that begs another question: How did it take so long for Yahoo to discover a hack of this scale?
The company is quick to point out that, according to its investigation, no passwords in clear text were obtained, nor any credit card data or bank information.
“Payment card data and bank account information are not stored in the system the company believes was affected,” Yahoo Chief Information Security Officer Bob Lord said in a statement.
Yahoo says that it will notify everyone it thinks was impacted by the hack, and that it believes all the unencrypted security questions and answers were made invalid. If you suspect that your account may have been compromised, Yahoo suggests that you review your account for suspicious activity and be wary of any phishing scams.
Unfortunately for Yahoo customers, this isn’t the only hack the company has suffered from. In September Yahoo, underwent a “state-sponsored” hack in which information was stolen from 500 million accounts.
Yahoo is currently in the midst of an acquisition be Verizon, which has agreed to pay a hefty $4.83 billion for the company. It’s unclear how and if the disclosure of this hack will affect that acquisition.
We’ve reached out to Yahoo for more information and will update this story if and when we hear back.
