The August 2013 Yahoo data breach is now believed to have affected three times as many accounts as the company originally reported when it first disclosed the breach last December.

Rather than the 1bn accounts initially believed to have been affected – already the biggest data breach in history, breaking the record Yahoo itself set three months earlier – it now seems that all 3bn of the Yahoo accounts in existence at the time were breached.

According to Yahoo – now part of Oath – it obtained new intelligence subsequent to the acquisition by Verizon, and during integration. The breaches reportedly led to friction in the acquisition process, contributing to a $350m reduction in the price Verizon paid for it.

Based on this new information, Yahoo will be notifying the additional affected user accounts about the breach via email. It maintains that the stolen information did not include passwords in clear text, payment card data, or bank account information. 

“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, chief information security officer at Verizon. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizons experience and resources.”