Yahoo has reportedly confirmed the existence of a hack that affects “more than one billion user accounts.” Before you think we’re back in September, Yahoo has said that it’s “likely distinct” from that other massive hack that lost the data of hundreds of millions of Yahoo customers.
Here’s the short version: if you’re a Yahoo user, just assume that your email and everything in it has been compromised.
Details are scarce as of now, but CNBC is reporting that Yahoo has confirmed the existence of the new hack, said it affects more than a billion users (side note: there are still a billion Yahoo! users?!), and said that it’s probably a different hack to that other massive hack a few months ago.
In the last hack, disclosed on September 22nd this year, Yahoo said that the info and passwords of 500 million users was stolen sometime back in 2014. In a statement at the time, the company said “A recent investigation by Yahoo has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.”
Needless to say, it would be a great idea for Yahoo users to go change the password for their Yahoo account, and any accounts that share the same password. And, y’know, maybe give Gmail a look while you’re at it?