The breach occurred in August 2013, but was only recently discovered, meaning that if you use Yahoo, your account has likely been impacted and you’ve been at risk for a long time.
Yahoo has released no details yet on the identity of hackers, and the investigation is ongoing.
In terms of the scope of the data that was taken, it’s about as bad as it could get. User names, passwords, real names, telephone numbers, dates of birth and passwords have all been exposed. About the only thing the hackers didn’t get was payment and credit card information.
Yahoo has taken the step of notifying all affected account holders and instructing them to change their passwords immediately. But given the scope and scale of the breach, even if you don’t get a notification from the company, you would be well served by taking that precaution, at a minimum.
Once again, this underscores the importance of not using the same password across multiple accounts. If any one of your frequently used sites is breached, you could put several of your accounts at risk, which could easily include unwittingly giving hackers access to your bank accounts, credit cards and more.
The news about the hack couldn’t have come at a worse time. Verizon is currently in the process of purchasing the company, and news like this could impact not only the process, but also the company’s valuation.
Unfortunately, this makes the third significant data breach Yahoo has reported in recent months.