Yahoo has confirmed that information associated with at least 500 million user accounts was stolen. The company said that account information was stolen from the company's network in late 2014, and believed that it was the work of “state-sponsored” hackers. Yahoo says, the stolen information may have included names, email addresses, telephone numbers, passwords, and security questions and answers.
Yahoo will be sending emails to potentially affected users, notifying them of the issue. Those affected are advised to change their password, and adopt an alternate method of account verification. The company has also asked users to use Yahoo Account Key to access their account. The tool sends a one-time key to the user’s account and removes the need for a password altogether.
This comes just a few months after wireless network provider, Verizon, had agreed to acquire Yahoo’s operating business for $4.83 billion. As per the deal, Yahoo will be merged with AOL, which was also acquired by Verizon last year. It is expected that Yahoo will have a new name, once the deal closes in Q1 2017.
Earlier this month, it was revealed that 68.6 million Dropbox accounts were compromised in a breach that happened in 2012. The company had forced password resets for accounts that were registered prior to mid-2012.