If you own a Yahoo account, and have not changed the password since 2014, the company is urging you to do so now. This stern advice comes in the wake of a statement from Yahoo that they suffered a malicious hack in late 2014.

According to Yahoo's estimates, the hack may have affected up to 500 million user accounts. The company also believes that the hack was state-sponsored and includes account information such as usernames, email addresses, contact numbers, dates of birth and even hashed passwords. In a bid to quell concerns, Yahoo did note that the breach did not affect unprotected passwords, bank and payment card data, or bank account information.      

As The Verge notes, this latest announcement follows a recent story in which a hacker was trying to sell off an estimated 200 million accounts on the dark web earlier in the year. In light of this latest statement, it appears the hack suffered by Yahoo was far more severe than initially thought.

If account holders have not shut down or made the switch yet, this new information might likely prompt it. Of more concern to Yahoo at the moment, is how this will affect their possible acquisition by Verizon, which may be up in the air for now.