The compromised accounts appear separate from a 2014 breach disclosed in September, when Yahoo revealed that 500 million accounts had been accessed.
Yahoo has taken steps to secure user accounts and is working closely with law enforcement.
The internet giant is also notifying potentially affected users and is requiring people to change their passwords.
How to find out if your account has been compromised and how to protect yourself
- If you think you have been affected change your password and security questions for your online accounts. Use three random words to create a strong password. Numbers and symbols can still be used, however three random words is the key to creating a strong and memorable password.
- Monitor your account for any suspicious or unexpected activity.
- Be very wary of any emails purporting to come from Yahoo, particularly if they prompt you to click any links, download any attachments or give out any personal information.
- Be wary of anyone calling asking for personal information, bank details or passwords. If in doubt, just hang up.
- Watch out for signs of identity crime. Visit Experian, Equifax or Noddle to check your credit rating to make sure no one has applied for credit in your name.
- For online safety advice visit Get Safe Onlne and CyberAware.
- If you are generally concerned, you can look on services like HaveIBeenPwnd.com to see if your username or email address has been involved in a breach. You should definitely take action if you are listed, but services like this are not 100% accurate
If you have fallen victim to fraud, report it to Action Fraud and get a crime reference number.
You can also find a full list of FAQ’s from Yahoo containing details about this issue. If you need further information or assistance with your account, please visit the Yahoo help page where you will find the latest information and may be able to access direct customer support.