The discovery will enable Oath to extract a refund from continuity Yahoo - now an investment company holding some of the firm's better investments from its time as an independent dot-com - under the terms of the Yahoo asset acquisition agreement, concluded previous year. Yahoo was later combined with AOL into a new division of the telecommunications company called Oath.
A majority of the three billion accounts affected, though, will no doubt be little used or once used email accounts.
He also said that internal investigations might miss something, and outside experts focused on digital forensics will find more than an internal team. "Yahoo also invalidated unencrypted security questions and answers so they can not be used to access an account", Yahoo said Tuesday.
Yahoo has now gone into damage control mode, sending emails to victims informing them about the issue. Yahoo was acquired by Verizon in June 2017.
An official statement from Yahoo stated it "took action to protect all accounts".
A new report from Yahoo! has said that all of its three billion user accounts were affected in a hacking attack dating back since 2013.
Yahoo unveiled the figure on its account security page, having carried out a forensic investigation into the hack.
The company initially said that personal information including names, email addresses and security questions relating to one billion accounts were all accessed by a "third-party". Not all of these data elements may have been present for your account. Payment card data and bank account information are not stored in the system we believe was affected. Today, Yahoo announced that it was even worse.
It should go without saying that users who still use the same password and username combination as they did in 2013 should consider changing those details in earnest.
· Yahoo invalidated unencrypted security questions and answers so they can not be used to access an account.
Parent company Verizon said that it had re-evaluated the number after it received new information from outside the company.
· Review your accounts for suspicious activity.