More than a billion Yahoo users may have had information stolen in a massive hack which occurred in August 2013, thought to be the largest ever data breach of an email provider.
It follows the California company’s September admission that at least 500 million of their account holders were hacked in 2014.
Yahoo said the stolen information may include names, email addresses, phone numbers, birth dates and encrypted security questions and answers, according to The New York Times.
Thankfully, it’s believed bank account information and payment card data were not affected.
Both attacks have been blamed on unidentified “state sponsored” hackers.
“The company has connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016,” Yahoo said in a statement.
The company recommended that users change their passwords and security questions on any other accounts for which they've used the same information.
It also reminded users not to click on links or download attachments from suspicious emails and not disclose personal information to unknown email addresses or over the phone.