Yahoo has just revealed what might be the largest hack of all time. More than one billion Yahoo users had their accounts hacked in August 2013. This is believed to be an entirely separate hack from the 2013 hack they announced back in September that compromised the information of 500 million users. (That includes the Yahoo email account you made in middle school, SwingDancer1998@yahoo.com.)
Yahoo says the hack "included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers." No unencrypted passwords, credit card or bank account information is believed to have been acquired in the hack, which they believe was perpetrated by the same "state-sponsored actor" that was behind the other hack in 2013. That same "state-sponsored actor" is believed to have attacked the company's network in 2014.
All users are being required to reset their passwords when they sign into their Yahoo account. Security questions have also been invalidated. In an email to users, Yahoo assured users that "payment card data and bank account information are not stored in the system we believe was affected."
To protect your account(s), you should get in there right away and change your password to something you don't use for another site and consider using a password manager. You should also enable two-factor authentication to help keep accounts protected against hacks like this.
Sign up here for our daily Thrillist email, and get your fix of the best in food/drink/fun.