Yahoo has officially confirmed that they’ve been a victim of a massive data breach two years ago, in late 2014. The reach of the breach is massive, affecting almost 500 million users accounts in the company’s portfolio of products.
The breach, believed to be the work of a state-sponsored hacker, included details like names, email addresses, telephone numbers, dates of birth as well as hashed passwords and unencrypted security questions and answers.
According to Yahoo, the data stolen did not include unprotected passwords, payment card data or bank account information.
We recommend that you change your passwords NOW if you haven’t already. We also urge anyone that uses the same security question and answer across multiple email accounts to change those too.