The actual tally of stolen user accounts from the hack Yahoo experienced could be much larger than 500 million, according to a former Yahoo executive familiar with its security practices.
The former Yahoo insider says the architecture of Yahoo’s back-end systems is organized in such a way that the type of breach that was reported would have exposed a much larger group of user account information.
“I believe it to be bigger than what’s being reported,” the executive, who no longer works for the company but claims to be in frequent contact with employees still there, including those investigating the breach, told Business Insider. “How they came up with 500 is a mystery.”
To be sure, Yahoo has said that the breach affected at least 500 million users. But the former Yahoo exec estimated the number of accounts that could have potentially been stolen could be anywhere between 1 billion and 3 billion.