Yahoo gets $35 million slap on wrist for failing to disclose colossal 2014 data breach
In an ongoing investigation by the Securities and Exchange Commission, Yahoo (now Altaba) has been fined $35 million for failing to report a known data breach in two straight years of SEC filings.
Publicly traded companies in the United States are required by law to disclose any mishaps that may impact or have impacted its bottom line, giving stakeholders the chance to make informed decisions about their investments in the company.
That”s exactly what Yahoo didn”t do when it learned in 2014 that Russian hackers made off with personal data belonging to almost all its users.
“Within days of the December 2014 intrusion, Yahoo”s information security team learned that Russian hackers had stolen what the security team referred to internally as the company”s “crown jewels”: usernames, email addresses, phone numbers, birthdates, encrypted passwords, and security questions and answers for hundreds of millions of user accounts,” reads the press release.
“The fact of the breach was not disclosed to the investing public until more than two years later, when in 2016 Yahoo was in the process of closing the acquisition of its operating business by Verizon Communications.”
In the two years that followed, Yahoo failed to disclose the breach â€“ and its potential business impact and legal implications â€“ in its quarterly and annual reports. The company only offered a general disclosure that it faced the risk of data breaches, a common default practice at publicly listed companies.
The SEC forced Yahoo to pay $35 million in penalties to settle charges that it misled investors. The breach has been widely publicized and is considered one of the largest data breaches on record.
Yahoo”s operating business, now known as Altaba, was acquired last year by Verizon for $4 billion.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021