As per the company’s statement on October 3, every Yahoo account was affected by the data breach occurred in 2013. Further it disclosed that 500 million accounts were hacked in a separate attack in 2014.
In 2016, Yahoo disclosed more than one billion of about three billion accounts which were affected by the hack. In its disclosure on Tuesday, the company said all the accounts were victimized.
The breach was discovered through its new intelligence obtained when the company integrated with Verizon Communications. Yahoo found out the wide breach in a recent update to its Account Security Update page, with the help of forensic experts, who also assisted in the investigation.
“It is important to note, Yahoo took action to protect all accounts. The company required all users to immediately change their passwords. Yahoo also invalidated unencrypted security questions and answers so they cannot be used to access the accounts,” Yahoo said on Tuesday.
Yahoo issued a statement earlier in December 2016 about the mass breach. The company has started alerting the accounts which were not previously notified of the attack.
In 2013, a breach enabled attackers to steal email addresses, passwords, birthdates, and telephone numbers, among other sensitive information.
The latest investigation indicated, the stolen information did not contain passwords in clear text, payment card information about bank accounts.
Verizon Communication acquired Yahoo is June along with AOL, which is under Oath, Verizon’s subsidiary.