US multinational telecommunications conglomerate Verizon has announced that all three billion accounts which Yahoo! had in December 2013, were affected by a data breach in 2013.
Verizon completed its acquisition of Yahoo! in June this year.
Yahoo! had said in December last year that a billion accounts were compromised in this particular breach, one of three that it disclosed in 2016 and 2017.
The company made two disclosures last year — one in September and one in December — of massive data breaches. A third, in February 2017, did not specify how many accounts were involved.
{loadposition sam08}The leak disclosed in September involved about 500 million user credentials and took place in late 2014. The December disclosure was said to concern account details of a billion users and occurred in August 2013.
In a filing with the Securities and Exchange Commission on Tuesday, Verizon said: "Subsequent to Yahoo!’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft."
The company said that while this was not a new security issue, Yahoo! was sending email notifications to the additional affected user accounts.
"The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information. The company is continuing to work closely with law enforcement," it said.
“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, chief information security officer.
"Our investment in Yahoo! is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources."