Skip to navigationSkip to content

Another huge hack at Yahoo compromised more than 1 billion accounts

AP Photo/Marcio Jose Sanchez
Another day, another hack.
  • Dave Gershgorn
By Dave Gershgorn

Artificial intelligence reporter

Published Last updated This article is more than 2 years old.

More than 1 billion Yahoo accounts were compromised in August 2013 by hackers, Yahoo announced today (Dec. 14).

The hack, which Yahoo believes is not connected to the security breach it previously disclosed in September 2016, would have had access to a large swath of information, including a user’s:

  • name
  • email addresses
  • telephone number
  • date of birth
  • hashed passwords
  • security questions and answers

Bank account and payment card information was not affected, Yahoo says, since it was stored using a different system. The previously disclosed hack, which took place in 2014, compromised 500 million accounts.

Yahoo is notifying potentially affected users.

To make matters worse, Yahoo announced that it had uncovered another security vulnerability: the same “state-sponsored actor” accused of the 2014 hack was found to have been able to forge data to allow entry into users’ accounts without a password. Yahoo says it has contact affected users.

In today’s announcement, Yahoo encouraged users to review all of their online accounts for suspicious activity, and to change their passwords and security questions and answers for any other accounts that they used the same or similar information as they do for their Yahoo account.

Verizon, which agreed to purchase Yahoo for $4.8 billion in July, said it will, “evaluate the situation as Yahoo continues its investigation,” according to CNBC.

Yahoo’s stock price is down about 2.5% in after-hours trading.

📬 Kick off each morning with coffee and the Daily Brief (BYO coffee).

By providing your email, you agree to the Quartz Privacy Policy.