A few months ago rumors had surfaced that Yahoo was investigating a massive breach associated with approximately 200 million accounts, but nothing ended up coming out of the reports.
Today Yahoo released an official statement which confirmed that data associated with at least 500 million accounts, has been compromised by who they believe was a state-sponsored actor.
An investigation done by Yahoo confirmed that the data breach occured sometime in late 2014. Account information that was affected may have included names, email addresses, phone numbers, birthdays, and hashed passwords. In some cases your encrypted or unencrypted security questions and answers may have been compromised aswell.
As for credit card details, the company also included in their statement that, ”The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information. Payment card data and bank account information are not stored in the system that the investigation has found to be affected.”
Yahoo noted that they will be notifying potentially affected users by email and are recommending that all users change their passwords & security questions as soon as possible.
If you have any issues or questions regarding your account and or the data breach, follow Yahoo’s instructions here.
Its important to note that Yahoo doesn’t offer assistance over the phone so do not engage with any online fee-based, toll-free-numbers, as they’re fraudulent. Yahoo channels all support through http://help.yahoo.com.