+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

US regulators are investigating why it took so long for Yahoo to say it was hacked

Jan 23, 2017, 14:26 IST

Yahoo CEO Marissa MayerAP Photo/Eric Risberg, File

US regulators are reportedly investigating why it took Yahoo so long to disclose it was hacked.

Advertisement

According to a new report from The Wall Street Journal, The Securities and Exchange Commission (SEC) is examining whether the company should have told investors sooner about two huge data breaches.

Yahoo has faced pointed questions about exactly when it knew about a 2014 cyber attack it announced in September 2016 that exposed the email credentials of half a billion accounts.

Then in December, Yahoo said it had uncovered yet another massive cyber attack, saying data from more than 1 billion user accounts was compromised in August 2013.

The SEC issued requests for documents in December, as it probes whether the technology company's disclosures about the cyber attacks complied with civil securities laws, according to the WSJ.

Advertisement

In a November 2016 quarterly filing, Yahoo said that it was "cooperating with federal, state and foreign" agencies, including the SEC, that were seeking information and documents about a "security incident and related matters."

In the US, securities industry rules require companies to disclose cyber breaches to investors. Although the SEC has long-standing guidance on when publicly traded companies should report hacking incidents, companies that have experienced known breaches often omit those details in regulatory filings, according to a 2012 Reuters investigation.

In September 2016, Democratic U.S. Senator Mark Warner asked the SEC to investigate whether Yahoo and its senior executives fulfilled obligations to inform investors and the public about the 2014 hacking attack.

The disclosures from Yahoo about both breaches came after the company agreed to sell its main business to Verizon in July, triggering questions about whether the deal would still be viable and, if so, at what price. The deal is expected to close soon, according to The New York Post, and will see what's left of the business renamed as "Altaba."

Other agencies looking into the data breach include the Federal Trade Commission, the U.S. Attorney's Office in Manhattan and "a number of State Attorneys General," Yahoo said in the November filing.

Advertisement
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article