Oath Inc, a subsidiary of Verizon which now owns Yahoo, revealed in an announcement earlier in the week that all of its users may have been affected in the 2013 data breach. This expands the number of affected accounts from the previously estimated one billion to three billion. An email has been sent to all Yahoo account holders who’s accounts were compromised during the hack.
Breached information include personal identifiable information including the name of the account holder, email address, encrypted passwords (not plain passwords), birthdays, and encrypted or unencrypted security questions and answers. Oath assures its users that no banking and credit information were breached.
In other words, if you have a Yahoo account, it’s a good idea to change your passwords, your security questions/answers and enable two factor authentication especially if you’ve received an e-mail from Yahoo.