Yahoo! Security Breach Impacted All 3B Users, Not Just 1B

Over a billion Yahoo user accounts compromised in single largest data breach ever

Remember the big Yahoo! data breach where a billion user accounts where compromised? Turns out it was really 3 billion, or every single Yahoo! account.

Over a billion Yahoo user accounts compromised in single largest data breach ever
2013 Yahoo! security reach affected all 3 billion users

Yahoo! revealed at the end of 2016 it was the target of a massive hack in 2013 where user names, passwords, phone numbers, email address, and more were stolen. At the time, Yahoo! said the breach impacted a billion account holders.

The internet search company has since been purchased by Verizon and it turns out the hack was much worse than originally reported. Yahoo! said in a statement,

Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft.

Last December Yahoo! CISO Bob Lord said, “We believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.”

While that statement is technically accurate because there really were more than a billion Yahoo! user accounts compromised, it doesn’t do justice to the real magnitude of the security breach. Instead of a third of Yahoo! users, the breach affected everyone.

Yahoo! also had security breaches in 2014 and 2015, although those impacted fewer users.

When it appeared that a billion users were impacted by the breach US$350 million was cut off from the price Verizon paid for Yahoo! and had the full scope of the hack been known, it most likely would’ve dropped even more.

Yahoo! has a history of similar security breaches, although not nearly on this scale. Still, any security breach is bad and Yahoo! seems to be shooting for a trophy.

If you have a Yahoo! account and haven’t changed your password recently now would be a good time to do that.

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest Most Voted
Inline Feedbacks
View all comments

This had been suspected for awhile but I guess we finally got official confirmation?