Yahoo is warning users that their accounts may have been subjected to "malicious activity" between 2015 and 2016, per AP. The news comes in the midst of the company's investigation into a massive security breach that exposed 1 billion users' data — such as email addresses, birthdates, and answers to security questions — several years ago.

In an email to users Wednesday, Yahoo said that based on the information they have collected so far, the company thinks that "forged cookies" — strings of data that enable people to access accounts without re-entering their passwords — were used in the breach. Yahoo has yet to announce how many people were affected, but has said they believe a "state-sponsored actor" is responsible.

Why this matters: The first wave of news surrounding Yahoo's mega-breach threatened the company's proposed deal to sell its core Internet business to Verizon. Earlier today, Bloomberg reported that the deal is still happening, but Verizon has lowered the price by $250 million.