Skip to main content

It turns out every Yahoo account was hit by the data breach a few years ago

The company now says hackers hit all 3 billion accounts, not 1 billion

A 2013 security breach at Yahoo affected three times as many accounts as the company first thought, a new announcement says. 

Yahoo was acquired this summer by Verizon, which said Tuesday the data theft affected not just one billion accounts, as Yahoo reported last year, but "all three billion accounts." 

Verizon had investigators look back at the data breach as part of its integration with Yahoo. 

They say the hackers did not steal any bank account or payment card numbers. What they did steal were names, email addresses, telephone numbers, birth dates, hashed passwords, and security questions.

Last year Yahoo made the one billion account holders they knew were affected change their passwords and their security questions.

Now they'll send emails to another two billion people advising them to do that, too. 

Beware of phishing scams 

As Yahoo prepares to send out a couple billion emails, you can bet that scammers will be reaching out, too. 

On a web page answering FAQs about the security breach, Yahoo says its emails will not include any links or attachments. 

So if you get an email about your Yahoo account asking you to click on a link or open an attachment, you can be sure that's a phishing scam. 

Besides changing their passwords and security questions, Yahoo also suggests people consider using a two-step verification. That's where they send a code to your phone for you to enter before you can open your account. 

Yahoo now part of Oath

Verizon paid $4.5 billion for Yahoo, although the BBC says the purchase price came down a few hundred million after Yahoo discovered it had been hacked in 2013 and also 2014

Verizon is combining Yahoo and other brands including AOL into a new company called Oath. 

Even though Yahoo is getting absorbed, it's apparently still getting investigated, too. The Wall Street Journal reports the Securities and Exchange Commission is looking at why it took the company so long to report the data breaches and whether they broke any laws by delaying. 

Next Up

covid test 6

You can order 4 free at-home COVID tests starting January 19

Tests will ship for free within 7-12 days, according to the White House.

Screen Shot 2022-01-17 at 9.39.38 PM

Jordan Greenway runs into Darcy Kuemper, sparks fight

Kuemper got knocked out of the game, leading to the brawl.

Kirill Kaprizov

MacKinnon's controversial goal helps Avalanche top Wild

Kirill Kaprizov's two goals were spoiled by a questionable call.

powell itasca jail jan 2022 resize

Attorney accused of sex assault misses hearing, DMs judge

He was arrested the next day after a warrant was issued,

lorie shaull vulcan snow park st paul winter carnival 2018

Winter Carnival: Get vaccinated or test negative before coming

Organizers are also reminding people to be mindful of the city's emergency regulations.

hospital, emergency room

Driver, 15 years old, hurt when car collides with SUV

The road was wet at the time, the State Patrol said.


The Equifax breach may've hit another 2.5 million people

The total number possibly affected is now over 145 million.

Data breach at DoorDash compromises nearly 5 million accounts

The food delivery service says some users should reset their passwords.

Franken to Yahoo: Why did it take 2 years to discover data breach?

Minnesota U.S. Senator and Congress' resident data protector Al Franken has turned his ire on Yahoo! after a huge data breach.

Payment information accessed in Delta data breach

Delta says a 3rd party company was breached in the fall.