The biggest data breach in history just got even bigger. Three times bigger.
Three billion accounts at Yahoo were affected by a massive hack in 2013, the internet firm’s parent company, Verizon, revealed Tuesday. That’s up from the roughly one billion when Yahoo first revealed the breach last year.
The latest disclosure cements Yahoo’s place at the top of a long and ignominious list of massive security breaches:
Yahoo gets the top two spots on any list of security breaches.
In September 2016, Yahoo said that data associated with at least 500 million accounts had been stolen. Three months later, it disclosed a second breach — the one that’s now been revealed to have affected all three billion customer accounts that existed at the time.
Verizon said it revised up the number “following an investigation with the assistance of outside forensic experts.”
The epic security breaches were costly for Yahoo: Verizon slashed the price of its deal to buy Yahoo by $350 million and former CEO Marissa Mayer lost out on her cash bonus.
Two Russian spies were indicted over the smaller of the two hacks. It’s still unclear who was behind the bigger attack.
Yahoo isn’t the only aging internet company to suffer humiliation at the hands of hackers. Last year, Myspace confirmed a breach of user names and passwords for about 360 million accounts.
The company attributed the breach to a Russian hacker who goes by the name Peace.
The credit monitoring company caused widespread alarm last month when it revealed that the personal information of 145.5 million people was compromised in a breach.
Beyond the high number of customers potentially affected, the Equifax hack is significant because of the sensitive information at risk: social security numbers, addresses and the numbers of some driver’s licenses.
The company has come under fire for its handling of the crisis, which resulted in the sudden retirements of its CEO, chief information officer and chief security officer.
Heartland may not be a household name, but its security breach impacted many households.
In 2008, the credit card processor was hit by an attack that exposed an estimated 130 million credit and debit card numbers. Heartland eventually paid more than $110 million to credit card companies to settle related claims.
Peace, the hacker tied to the MySpace breach, also took credit for breaking into LinkedIn in 2012. The hack wasn’t revealed, however, until last year.
LinkedIn said “more than 100 million” members were affected. The hacker reportedly tried to sell the account information online.
Millions of Target customers got more than they bargained for while doing their holiday shopping in 2013.
Roughly 40 million shoppers had their credit and debit card information stolen due to a data breach at Target that took place in the three weeks after Thanksgiving that year.
Target later agreed to pay $10 million to customers who suffered from the breach and tens of millions more to U.S. banks who lost money when they were forced to reimburse customers.