The technology giant said it believes the attack is “distinct” from another cyber attack the company reported last September, which involved around 500m accounts and was said to have been carried out by a “state-sponsored actor” in late 2014.
Yahoo says this personal data affected included “names, email addresses, telephone numbers, dates of birth, hashed passwords”, as well as security questions and answers, but the company claimed financial information had not been compromised.
“Yahoo has identified data security issues concerning certain Yahoo user accounts,” the firm said in a statement. “Yahoo has taken steps to secure user accounts and is working closely with law enforcement.
“As Yahoo previously disclosed in November, law enforcement provided the company with data files that a third party claimed was Yahoo user data. The company analysed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data.
“Based on further analysis of this data by the forensic experts, Yahoo believes an unauthorised third party, in August 2013, stole data associated with more than one billion user accounts.”
The company also said its analysis has led it to believe the same state-sponsored hackers were involved in this newly-disclosed attack.
“Yahoo encourages users to review all of their online accounts for suspicious activity and to change their passwords and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account,” the statement said.
“The company further recommends that users avoid clicking links or downloading attachments from suspicious emails and that they be cautious of unsolicited communications that ask for personal information.”