Yahoo Staff Knew of Data Breach Since 2014

In an SEC filing on November 9, Yahoo revealed that some staff knew of the massive data breach, disclosed in September 2016, as early as 2014. The hack affected at least 500 million user accounts; it revealed usernames, email addresses, phone numbers, dates of births, hashed passwords, and, in some cases, security questions and answers.

Yahoo has indicated that a state actor may have created cookies to bypass the need for a password to access user information in order to carry out the intrusion. In a Form 10-Q filing, Yahoo announced that an Independent Committee of the Board is investigating “the scope of knowledge within the Company in 2014 and thereafter regarding this access, the Security Incident, the extent to which certain users’ account information had been accessed, the Company’s security measures, and related incidents and issues.”

Yahoo recorded $1 million in expenses for the quarter ending September 30, both from investigating the incident and from implementing measures to correct issue. In addition, 23 consumer class action lawsuits have been filed against Yahoo. The hack may lead to further financial impact for the company, as these developments could jeopardize the deal for Verizon to acquire Yahoo for $4.8 billion.

+ posts

Jake Steele is a sophomore at Georgetown University studying finance and management. During his time at Consumers’ Research, he has examined developing trends in finance and technology.

Share

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Subscribe to get the latest consumer news

More consumer News