<p>Nearly everyone I know has either been hacked or has stopped an attempted hacking. In the past four or five years I&rsquo;ve had my Facebook, two bank accounts, and PayPal hacked. ;</p>
<p>The sheer frequency of these attacks is exemplified by a statement Yahoo made in September: that 500 million user accounts were hacked in 2014. This Wednesday, the company admitted that a separate attack in 2013 compromised <strong>over 1 billion</strong> Yahoo email accounts.</p>
<p>These two incidents are the largest security breaches to occur within a single company &ndash; that we know of &ndash; and government employees are among the victims. ;</p>
<p>Yahoo is now forcing all affected users to reset their passwords, but the information exposed during the 2013 hack &ndash; names, dates of birth, phone numbers, passwords, and security questions &ndash; could be enough for hackers to change passwords on their own. ;</p>
<p>Yahoo has fallen behind competitors in terms of security, and critics slam the company for doing nothing after a smaller hacking incident in 2012 compromised over 450,000 accounts. ;</p>
<p>The 2013 and 2014 attacks were only discovered after close examination of a series of data files provided by law enforcement. ;</p>
<p>&ldquo;What&rsquo;s most troubling is that this occurred so long ago, in August 2013, and no one saw any indication of a breach occurring until law enforcement came forward,&rdquo; said Chief Executive Jay Kaplan of Synack, a security company.</p>
<p>With help from federal authorities, Yahoo discovered that the hacker responsible for the 2014 attack was likely government-sponsored. Yahoo Chief Information Security Officer Bob Lord believes this high profile hacker was able to steal Yahoo&rsquo;s proprietary source code, thus enabling him to &ldquo;impersonate&rdquo; real users and log in to accounts without using passwords. ;</p>
<p>Personal data from attacks like this is usually posted for sale online. We&rsquo;ve seen nothing of the sort from this attack, which makes security experts believe the hacker was looking for specific people.</p>
<p>Most Yahoo users aren&rsquo;t in danger, says JJ Thompson of Rook Security, but should still change the password for their Yahoo email account and any other accounts ;that used the same or a similar password.  ;</p>
<p>The two massive breaches also endanger Yahoo&rsquo;s recent deal with Verizon, in which it agreed to sell its core business to the telecom giant for $4.8 billion.</p>
<p>&ldquo;As we&rsquo;ve said all along we will evaluate the situation as Yahoo continues its investigation,&rdquo; said Verizon spokesman Bob Varettoni. &ldquo;We will review the impact of this new development before reaching any final conclusions.&rdquo; ;</p>
<p>Yahoo is now struggling to shore up its defenses while designing new methods of security for the countless frustrated users who have already been hacked.</p>
<p>The repeated hackings are a black mark for Yahoo, says Ben Johnson, founder of security company Carbon Black. &ldquo;It&rsquo;s not just one sophisticated adversary that gets in. Typically companies get compromised multiple times due to the same vulnerability or employee culture.&rdquo; ;</p>
<p><strong>Editor&#8217;s note</strong>: Yahoo&#8217;s carelessness cost a lot in terms of privacy for its customers. And of course, we have no recourse whatsoever.</p>