Thank you b*cat for the linky. Although I have vague recollections of the earlier attacks, I'd completely forgotten about that thread from 2013 and its contents, so I found it interesting re-read through it.
It just confirms that Yahoo were
1) Lapse in security
2) In complete denial that their systems were under attack, despite evidence to the contrary and they failed to act in a timely manner.
To add further insult to injury, there was another data breach in 2014 which further confirms that
1) Yahoo were extremely lapse
2) Still in denial that their systems could be compromised.
... and now we find out they lied and bluffed about the extent of the damage
I was wondering why they would do that, but during the 2013-2014 they held some pretty big contracts from some very large ISPs all around the globe which I bet they were scared of losing. As I mentioned in my earlier post they never came clean with BTYahoo and even BT didn't have any idea the full extent of which their customers may have been affected. All they knew was that "some may have been".
Considering they handled all the name@btinternet.com mail, I think its a fair bet to say that there was a strong probability that the EU's broadband account 'could' also have been accessed because most users got transferred over to BTYahoo using the same login/password info.
I must stress that fortunately there is no evidence that the hackers went this far.. but the fact remains they could have done. Same with Sky. I know for a fact that my @btinternet.com password was the same as what was then my bt internet & phone account. Same with dads Sky broadband account.