Yahoo has admitted that more than one billion of its user accounts may have been affected in a hacking attack dating back to 2013.
Yahoo said the data stolen included names, phone numbers, passwords and email addresses, but crucially no credit card or bank payment details.
Yahoo claims to have discovered the 3-year-old data breach that enabled a hacker to compromise more than 1 billion user accounts, as part of a current investigation related to another humiliating hack that occurred in the same year. The new information breaks the record that Yahoo itself had already set in the same year for the largest publicly admitted security breach in history.
Both incidents took place during the tenure of Yahoo CEO Marissa Mayer, a CEO once praised for her steadfast determination, vision, focus and upbeat style in trying to tur Yahoo back into a major player on the web. She had taken the position on 4 years earlier.
It’s more bad news for Yahoo. Rumours have spread that the company that Verizon had agreed to buy for $4.8 billion is not very happy about the hacking revelations and may be trying to renegotiate the deal for a significantly smaller sum.
A statement from Yahoo said that it “believes an unauthorized third party, in August 2013, stole associated with more than one billion user accounts.”
The three-year-old hack was uncovered as part of continuing investigations by authorities and security experts into the 2014 breach,
Account users were urged to change their passwords and security questions.
In September, this year, Yahoo disclosed another breach from 2014 data. It said information had been “stolen by what we believe is a state-sponsored actor”. Yahoo did not say which country it held responsible.