The malware attack that took advantage of Yahoo’s Java-based ad network around Christmas Eve was far greater than anticipated, the company confirmed in a post (via CNET) on its help web pages. Initially believed to have affected only European users on January 3, 2014, the malware ad attacks were then said to have occurred during December 31, 2013 – January 3, 2014. But Yahoo on Friday revealed the attack actually took place between December 27, 2013 – January 3, 2014, and affected users outside of the European Union as well. It’s not clear how many users may have been affected by the hack, although initial estimates from security companies said that up to 2 million machines might have been compromised during a four-day attack. Yahoo says that the attack happened after an account was compromised, without revealing more details about said account.