I'm not sure if you remember or nor, but this September we told you that Yahoo confirmed that a data breach, which happened in 2014 compromised over 500 million accounts and that it's the largest known hack in the world. Well, the same company managed to beat its own record: recently, the former IT giant has officially confirmed that over 1 billion user accounts were compromised during another breach that happened in August 2013.
Just so we're clear, this incident is separate from the one in 2014. The company is notifying the people who "may have been affected", but since we're taking about over 1 billion users, don't wait for an email; if you have a Yahoo account, change your password and security question as quickly as possible. (The Yahoo Security page will show you how to do that.) In case you're curious what data was stolen, the hackers took user names, telephone numbers, email addresses, hashed passwords, security question answers and more.
I understand that no lock is unbreakable and that data breaches happen, but what is unacceptable from my point of view is the fact that the company waited this long to tell its clients. The hackers and the people who bought the data of the black market had three years in which they could freely access our emails, which is unacceptable. Furthermore, Yahoo seems to be making mistake after mistake lately by keeping copies of its users' deleted emails and by disabling the automatic email forwarding feature, so I for one am not willing to give it another chance.