LOS ANGELES (CBSLA.com/AP) – A Yahoo security breach disclosed earlier this year may have affected more than one billion user accounts, the internet company announced Wednesday.
According to Yahoo, law enforcement officials provided data files that was claimed by a third party to be Yahoo user data. After analyzing the data, Yahoo forensic experts believe an unauthorized third party “stole data associated with more than one billion user accounts” sometime in Aug. 2013.
Stolen user account information for potentially affected accounts may have included names, email addresses, telephone numbers, dates of birth, “hashed” (security enhanced) passwords and, in some cases, encrypted or unencrypted security questions and answers, the company announced.
Yahoo says the stolen data did not include passwords in clear text, payment card data or bank account information.
Officials say this latest breach is “likely distinct” from an earlier security breach in September that affected roughly 500 million accounts.
The company has begun notifying potentially affected users and have taken steps to secure any impacted accounts, including requiring users to change their passwords. Yahoo has also invalidated unencrypted security questions and answers so that they cannot be used to access an account, according to a statement.
Anyone with an affected Yahoo account will be notified by email.