Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts.
Based on a recent investigation, it appears that state-sponsored hackers carried out the attack, the company said.
Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers.
Payment card and bank account information was not compromised, according to Yahoo. That information is stored on a system that was not affected by the breach.
Yahoo encouraged its users to take precautions, such as changing passwords and security questions, to protect themselves from malicious activity.
The company recently has introduced new tools to help safeguard customer security.