"Yahoo revealed that at least half a billion of its users were hacked from a 2014 leak.
The breach exposed up to 500 million accounts' names, email addresses, phone numbers, date of births, and in some cases, security questions and answers, the company said.
The internet pioneer said it's "working closely with law enforcement" on the breach, and believe that it was from a "state-sponsored actor," though it did not specify what country.
Yahoo is urging its users who haven't changed their passwords since 2014 to do so.
Verizon, which had purchased Yahoo for $4.83 billion in July, said it was notified of the massive breach within the last two days. The telecommunications giant said it had "limited information and understanding of the impact" in a statement.
"We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities," Verizon said.
On August 1, a hacker named "Peace" claimed to have breached 200 million Yahoo usernames and passwords, and offered to sell them on the dark web, after trying to do the same with MySpace and LinkedIn accounts."
Yahoo warns users at least 500 million accounts were hacked - CNET