Yahoo has identified another security breach on its systems that compromises the data of its users in what is a separate attack from the one that the company revealed back in September.
The first data breach that Yahoo confirmed was said to be the biggest one in the history of cybersecurity, affecting 500 million users whose account information were stolen in late 2014. The new incident, however, might be even bigger.
New Yahoo Security Breach
According to Yahoo, law enforcement authorities approached the company with what they said were data files that came from a third party. It was claimed that the data files contained Yahoo user data, and an analysis confirmed that they indeed held Yahoo account information.
Further analysis on the data revealed that the user data was stolen in August 2013 and that over 1 billion accounts were compromised by the security breach, making it double in size compared to the previous one that was revealed by Yahoo.
Yahoo said that for the compromised accounts, the user account information that could have been stolen include names, contact details, email addresses, birthdays, hashed passwords, and in certain cases, encrypted or unencrypted security questions and their corresponding answers. These information is similar to what were possibly compromised in the previously confirmed security breach, but Yahoo said that this is a separate incident altogether.
Information that were not stolen, meanwhile, include passwords in plain text, along with payment details and bank account information that Yahoo believes were not stored in the system where the security breach occurred.
What To Do If You Have A Yahoo Account
Yahoo said that it has notified users that were potentially affected by the security breach and have taken measures to protect them, including a requirement for new passwords. The company has also invalidated security questions and answers that were unencrypted to prevent attackers from using them.
Users who use similar passwords or security questions for other online accounts are recommended to change them, as attackers may use the compromised information stolen from Yahoo and use them to try to gain access to accounts on other platforms.
Yahoo also issued a reminder for users to not click on links or download attachments in suspicious e-mails and to remain vigilant against communications asking for the disclosure of personal information.
Is The Verizon Acquisition Now In Doubt?
Verizon, which was reported to have reached a deal to buy Yahoo in July for $4.8 billion, reportedly asked for a $1 billion discount on the acquisition price in October. This was partly due to the first security breach that was reported alongside the email scanning scandal that enveloped Yahoo.
It is unclear how the latest confirmed security breach will affect Verizon's acquisition plans for Yahoo, with the carrier stating that it will be taking time to review the impact of this latest development before coming to any conclusion.