What Yahoo Users Should Do After Biggest Hack Ever Might be time for 2-step authentication if not in place already By Newser Editors, Newser Staff Posted Sep 23, 2016 8:32 AM CDT 36 comments Comments (AP Photo/Marcio Jose Sanchez, File) (Newser) – Yahoo broke the news to half-a-billion users Thursday that hackers breached its system and thus might know their passwords, security questions, phone numbers, and dates of birth. Yes, that's a "b" as in billion, making this the largest data breach ever, notes CNET. The company is blaming "state-sponsored" hackers for the 2014 breach, without offering specifics. Related coverage: What should users do? In addition to changing passwords and security questions, they might consider enabling two-step authentication. See Recode and USA Today for advice. The danger of the hack? The data "could be useful ammunition for any hacker attempting to break into Yahoo accounts, or interested in exploring whether users might have used the same security questions/answers to protect themselves elsewhere on the web," writes security expert Graham Cluley on his blog. Yahoo got wind of the breach when it heard in July of this year that someone was trying to sell account credentials for 280 million users on the black market. It looked into the allegation and found that the truth was actually much worse. See Bloomberg. Might this screw up Verizon's deal to buy Yahoo for $4.8 billion? In short, maybe. Yahoo isn't saying whether it learned of the hack before announcing the Verizon deal in July. For now, Verizon is saying only that it has "limited information and understanding of the impact." See the Washington Post. Did Yahoo move too slowly in alerting people? “Consumers should be not be reading in the news something Yahoo hasn’t told them,” says an official at the Consumer Federation of America. More at CBS News. Yahoo's message to users is here.