In September 2016, Yahoo! announced that their servers had been hacked into three prior and estimated 500,000,000 (yes, 500 million) accounts had been compromised.
At the time, the company blamed foreign governments and two Russian nationals have since been indicted.
Word has just come out that Yahoo! was underestimating the number of compromised accounts a bit. A big bit. Now, it seems that every Yahoo! account active in 2013 at the time of the hack was compromised. That’s 3 billion accounts:
It’s official. If you had a Yahoo account in 2013, it was compromised.
Should you be worried? Maybe. Should you change your password? YES! Every online account should have a unique password and they should be changed regularly. Period.
ars Technica’s piece about the announcement is here.