Yahoo has announced that someone had stole data having at least one billion accounts in the month of August 2013. The company also announced in the month of September 2014 about security breach which affected more than 500 million users. Some experts believe that these two incidents have no resemblance. But, the company believes that same hackers were involved in both incidents and it is possible that the breach 2014 collected its code and pointed out how they used cookies to target some specific accounts. The company indicated that those forged cookies had invalidated and notified to accounts holders that were used to breach in 2015 or 2016.
It was also said that account holders should create a chart or spreadsheet to keep track of their entire info of Yahoo accounts that are allegedly floating around. The company also provided a FAQ for providing help to its users in finding what has been stolen and how they can be affected. The huge size of breach indicated that information of Yahoo users including names, telephone numbers, birth date, email addresses, encrypted & unencrypted security questions & answers might be affected in these security breaches. The company has planned to contact badly affected users, so those users will receive a message very soon. It is important that user’s security questions and answers have been discarded. The ongoing security investigation of Yahoo and reset passwords has been considered one part of this puzzle.