Tech giant Yahoo has confirmed that 500 million accounts have been hacked by, what it is referring to as a state-sponsored hacking group.

Details stolen during the 2014 hack include names, passwords, email addresses, phone numbers and security questions.

Yahoo is currently investigating the breach along with law enforcement agencies, but believes that credit card or bank details were not included in the stolen data.

“The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected,” said Yahoo in a statement.

Yahoo is notifying anyone who may have been affected, advising those who have not changed their Yahoo passwords since 2014 to do so. 

“Yahoo encourages users to review their online accounts for suspicious activity and to change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account.”

Read more at The Guardian