Better late than never.
Can’t say we fully agree, but that’s apparently the policy Yahoo has adopted with regard to notifying its users about reams of their personal information stolen by hackers in what was thought to be the largest hack in history.
The 2013 data breach which was revealed last year to have affected around one billion accounts — was just revealed to be in fact three times worse, according to Yahoo’s parent company Oath.
In a statement, Oath said that the breach actually affected all three billion or so Yahoo users who had an account with the company in 2013. So if you had a Yahoo account four years ago, it’s possible hackers stole personal information including your name, birthday, email address, phone number, password and security questions and answers.
“The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft,” Oath said. “While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts.”
While Oath, a subsidiary of Verizon, says that credit card and bank account information was not compromised in the massive breach, forgive us if we’re not exactly taking them at their word and would suggest keeping an eye on your accounts and a possible credit freeze.
Furthermore, it would be prudent to change your passwords, switch up your security questions and avoid clicking any links from Yahoo for a few weeks due to potential information phishers … unless they’re from someone in your fantasy football league.
This article was featured in the InsideHook newsletter. Sign up now.