On 22 September, the internet firm said a “recent investigation” had revealed that the compromised data may have included names, email addresses, telephone numbers, dates of birth, hashed passwords, and some encrypted or unencrypted security questions and answers.
“Through strategic proactive detection initiatives and active response to unauthorised access of accounts, Yahoo will continue to strive to stay ahead of these ever-evolving online threats and to keep our users and our platforms secure,” Bob Lord, chief information security officer at Yahoo, said in a blog post.