Every single Yahoo account has been hacked – that’s three billion accounts!
hacked passwords

Every single Yahoo account has been hacked – that’s three billion accounts!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

2016 revealed one of the biggest data hacks in history when a reported one billion Yahoo user accounts were found to have been hacked, with login information stolen.

As if that wasn’t bad enough, it has now been revealed that the epic data breach affected all Yahoo users; tripling the initial number of accounts thought to be affected.

The three billion accounts breached is a number equivalent to almost half of the world’s entire population. Accounts for Yahoo-acquired social media platforms Tumblr, Fantasy and Flickr have also reportedly been compromised in the breach.

Revealing the new intelligence

Verizon, owners of Yahoo since July of 2016, were introduced to new information which forced them to review the investigations into the breach. It was then, that they discovered the massively elevated number of accounts that were actually breached.

“The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft,” read a Verizon company statement.

How was the discovery made?

There are varying speculations as to how the new information came to light. Some sources believe that Verizon’s $4.8 billion acquisition of Yahoo may have unearthed the extra two billion compromised accounts. Other sources suggest criminals may have misused stolen information or tried to sell information not originally thought to have been compromised.

Yahoo are reportedly going to send users an email notification about the breach. However, the massive delay could mean that countless users may have already experienced attacks from cybercriminals who have stolen their login details.

When the breach was discovered in 2016, Yahoo asked every user to change their username and password details before they could continue using their services. However, many account holders no longer use Yahoo and so their password details will not have changed.

Experts “not surprised”

Experts are reportedly not surprised by the new revelations: “This often happens with breaches, on a much smaller scale,” said Wesley McGrew, a security expert at Horne Cyber; “Initially, the investigation establishes a set of compromised systems and data that encompasses a set of users, then later something is discovered that expands the compromised systems [or] access.”

The Information Commissioner’s Office also released a statement in response to the news condemning Yahoo for its lack of responsibility over protecting users information: “It is very disappointing to see the company is apparently still uncovering additional problems despite the length of time since the breach occurred,” said U.K. Information Commissioner Elizabeth Denham. The ICO will continue to investigate the mammoth data breach and work with Yahoo to work out the best way to mitigate damage.

Change your login credentials!

The ICO is urging everyone who has a Yahoo account or any account owned by Yahoo (Tumblr, Flickr etc) to change their login details. Even those who no longer use their accounts are urged to do the same before deleting their accounts as cybercriminals may be able to obtain clues to guess the individual’s login details for other online accounts.

Chief Technology Officer for Obsidian Security, Ben Johnson, warns that the problem with data breaches will only get worse. He notes that Yahoo might not ever find out exactly what was accessed and what information has been stolen. Countless users are therefore left to fend for themselves as cybercriminals perhaps sell or use their private information for malicious purposes.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon