Yahoo Provides New Security Update on the 2013 Data Breach

October 4, 2017, Written By John H. Oldshue
Yahoo Provides New Security Update on the 2013 Data Breach

Yahoo issued a security update for its August 2013 data breach. New intelligence shows all Yahoo accountholders were affected by the hack, not just the 500 million accounts that were already discovered.

Verizon acquired Yahoo last year, and was made aware of the breach shortly before announcing the acquisition. After the deal was completed, Verizon was informed of the additional security impact and immediately made the news public. Chandra McMahon, Chief Information Security Officer at Verizon, said, “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”

According to the security update FAQs, the stolen information did not include credit card information, debit card information, bank account information, or any other payment data. However, it did include usernames, passwords, telephone numbers, birthdays, first and last names, and security question answers.

Yahoo required all users to change their passwords after the data breach was discovered. They also required new, encrypted answers for security questions to further protect the accounts.

The information contained within this article was accurate as of October 4, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.

About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue