An investigation by Yahoo confirmed that account information such as names, email addresses, telephone numbers, dates of birth, hashed passwords and in some cases, encrypted and unencrypted questions and answers, was stolen back in 2014.

It added that its ongoing investigation suggests that unprotected passwords, payment card data and bank account information was not compromised as that information isn’t stored in Yahoo systems.

Yahoo estimates that data associated with at least 500 million user accounts were stolen – a number described by the UK information commissioner at the ICO as “staggering”.

Elizabeth Denham, said: “The vast number of people affected by this cyber-attack is staggering and demonstrates just how severe the consequences of a security hack can be.

“The US authorities will be looking to track down the hackers, but it is our job to ask serious questions of Yahoo on behalf of British citizens and I am doing that today.”

Bob Lord, chief information security officer at Yahoo, said it’s working closely with law enforcement and urged users, especially those who’ve been notified as potentially affected, to change their passwords and set up a different method to verify their accounts.

Users should also change their security questions and answers for other accounts where the same information is stored, as well as be cautious of any unsolicited emails. Further, users are urged to avoid clicking on links or downloading attachments from suspicious emails and to consider using its Yahoo Account Key method of authentication which doesn’t require you to enter a password.