As it turns out, the impact of a data theft incident that hit Yahoo back in 2013 was much more widespread than initially imagined. When Yahoo first disclosed details of the hack last year, the iconic website — which is now owned by Verizon — said that 1 billion Yahoo users were impacted. Now comes word that every single one of Yahoo’s 3 billion users were affected.

According to a statement released today by, a Verizon subsidiary, a subsequent investigation into the attack by forensic experts revealed the full extent of the security breach.

Oath’s statement reads in part:

Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft. While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts. The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information. The company is continuing to work closely with law enforcement.

In a statement on the matter, Verizon’s Chief Information Security Officer Chandra McMahon said that the company is intent on remaining transparent and that the company is working to “to ensure the safety and security of our users and networks in an evolving landscape of online threats.”