What's considered the largest data breach in history has Yahoo users questioning what to do next.

It's estimated that hackers have trespassed into some 500-million user accounts in a data breach just discovered in the last few weeks.

Yahoo user’s login credentials have been compromised giving hackers access to their date of birth as well as security questions and answers that they use for setting up their accounts.

Cybersecurity experts suspect the breach could be further-reaching than you might think.

So if you are a Yahoo account user the most important thing you can do right now is reset your password and your security questions immediately.

Attorney Shawn Tuma is a cybersecurity expert and tells 21 News, "Use a password that has a combination of letters, both upper and lower case that's not something you would find in a dictionary. Your password should also contain numbers and symbols as well. And do not use the same password across multiple services."

The Yahoo data breach could be far-reaching because Yahoo Email provides services for a lot of other products including AT&T and Direct TV -- their email systems are powered through Yahoo.

"So gaining login credentials to Yahoo accounts may very well be providing login credentials for other services as well," Attorney Tuma said.

The scammers may also try to gain additional information from you by sending out emails that appear to be from Yahoo, and encourage you to click on the "links" to reset your password. Security experts warn that's the most dangerous thing you can do.

"What Yahoo has said in their alert is their emails do not have "links," so do not click on links or attachments in any emails that claim to be from Yahoo," Attorney Tuma said.

He also suggests that you may want to enable what is called "two-factor authentication" or "dual-factor authentication."

"That's where you enter your password and they send you a text message to confirm it is really you. If you do that you are going to cut down your chances of having your information misused substantially."

That's because the more the hackers learn about you and your accounts the easier it is for them to commit identity theft.

Attorney Tuma says, "One thing they do is they sell the information on what's called the "dark web" or the "dark net" and they sell it in bulk because data has value in volume. Then people will take that information and use it for identity theft. They'll try to create fictional accounts and set up other information to defraud people out of money."

The hackers will also use the information they've stolen and put the login credentials into a database and run it through other accounts to try to gain access to different accounts using the same login credentials.