By Jon Delano

PITTSBURGH (KDKA) — It’s happened again.

Yahoo says a billion customer accounts were hacked in 2013, after earlier reporting that 500 million were hacked in 2014 by a “state-sponsored actor.”

READ MORE: Remember, Reflect At Tree Of Life: Commemorating The 11 Lives Lost 3 Years Ago In Synagogue Shooting

“Fact that they were breached shouldn’t be a surprise to anybody because we are seeing so much of it these days. Fact that it’s a billion is quite amazing,” Andrew Richards, a local cyber security fraud investigator, told KDKA money editor Jon Delano on Thursday.

Yahoo has warned customers that passwords were stolen along with names, email addresses, telephone numbers, dates of birth, and in some cases security questions and answers.

Delano: If you haven’t been victimized yet, is it still possible that you might be?

Richards: Yes, and the reason is that the information that they’ve gleaned from Yahoo may include some personal information.

Richards warns you may be affected even if you don’t think so.

READ MORE: Man Hospitalized After Being Run Over By Wood Chipper

Join The Conversation On The KDKA Facebook Page
Stay Up To Date, Follow KDKA On Twitter

Obviously, prior users are at risk along with those who play fantasy sports on Yahoo Sports, or post pictures on Flickr, or blog on Tumblr.

“It’s not unusual for big companies like Yahoo to be interrelated with other company names.”

Here are some tips that are good for all of us.

  • Change your passwords often;
  • Never use the same password for different accounts;
  • Use stronger passwords with numbers, letters & characters;
  • Consider a password manager if your passwords are hard to remember;
  • Update those security questions;
  • Beware of emails asking for additional information;
  • Don’t open links or downloads from unknown email addresses; and
  • Block access to your credit report.

“Don’t make it easy for the bad guys. Change it up,” says Richards.

MORE NEWS: PTL Links: Oct. 27, 2021

Of course, customers can always choose to drop the account altogether.