Yahoo has confirmed that a data breach in 2013 affected all 3 billion of its accounts which is three times the number that was reported previously.
The said disclosure came from Oath, a subsidiary of Verizon which is a US telecoms company. Oath acquired the online assets of Yahoo in June for $4.48bn.
The purchase price had been slashed after revelations of the data breach in 2013 and another in 2014 wherein 500 million accounts were affected and ended in charges for a pair of hackers and Russian intelligence operatives.
Regarding the breach in 2013, Verizon and Oath said that the additional user accounts affected were being informed.
The hack was revealed by Yahoo in December 2016, when it said that around one billion of its three billion users were affected.
After Verizon acquired Yahoo, however, the firm “obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected.”
They continued: “While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts.
“The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information.
“The company is continuing to work closely with law enforcement.”
The chief information security officer at Verizon, Chandra McMahon, stated: “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
The Yahoo breach is said to be the greatest in terms of the number of people that were affected, although the recently exposed hack at credit agency Equifax is seen as more damaging because of the sensitive nature of data gained.