Yahoo is investigating on this incident and have confirmed about the breach. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected.
Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen. Yahoo is also working with law enforcement regarding this.
Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven’t changed their passwords since 2014 do so.
Warning! Change your Password now.