October 4, 2017 by

Yahoo: All 3 Billion Accounts Impacted by 2013 Data Breach

Yahoo has announced that the massive data breach in August 2013 has affected every single user of its service – all three billion user accounts.

In a filing on Tuesday to the SEC, Yahoo has admitted the total number of user accounts accessed illegally by hackers in 2013 was the initial 500 million originally reported, nor the one billion it admitted to later, but every single Yahoo account – all three billion of them.

Yahoo, now acquired by Verizon, says it obtained “new intelligence” following a forensic investigation by cybersecurity experts to determine that its entire service was compromised.

An announcement by Yahoo, now a part of Oath (a Verizon division) read:

Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft. 

Further, Yahoo also claimed that the stolen account information did not include passwords in clear text, nor payment card data or bank account information. Once again, Yahoo is emailing affected users to notify them of the breach.

Yahoo first revealed a data breach where hackers stole information associated with “at least 500 million user accounts” in September 2016. By December, Yahoo said it “believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.”

The breach cost Yahoo in its original $4.8 billion sale to Verizon. “Under the amended terms, Verizon and Yahoo have agreed to reduce the price Verizon will pay to acquire Yahoo’s operating business by $350 million,” a joint statement from Verizon and Yahoo read in February 2017. In March, the US Justice Department directly accused four Russian spies of instigating and carrying out the Yahoo hack.

Image credit: Flickr.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Canadian Hacker Pleads Guilty to Yahoo Breach Instigated by Russia

A Canadian national accused by the United States of helping Russian intelligence agents breach into...

Read more arrow_forward

Yahoo! Still Doesn’t Know Cause Behind Biggest Data Breach Ever

Former Yahoo CEO Marissa Mayer has admitted that the web giant still doesn’t know the cause behind...

Read more arrow_forward

Russian Spies Hired Cybercriminals to Hack 500 Million Yahoo Accounts: Justice Dept

The United States government has directly implicated Russian agents of instigating and directing the...

Read more arrow_forward