In September, Yahoo confirmed that at least 500 million of its users' accounts had been compromised during an attack in late 2014. Now, in a recent filing with the Securities and Exchange Commission, it was revealed that the company knew about the hack when it originally happened in 2014, but waited two years to divulge it to the public (via TechCrunch)

Describing the investigation, the new SEC filing notes a "state-sponsored actor" who gained access to the company's network in late 2014, along with Yahoo's awareness and identification of the individual in question during the same time period. Information stolen included names, email addresses, telephone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers.

yahoo

In late July 2016, a hacker claimed to have obtained certain Yahoo user data. After investigating this claim with the assistance of an outside forensic expert, the Company could not substantiate the hacker’s claim. Following this investigation, the Company intensified an ongoing broader review of the Company’s network and data security, including a review of prior access to the Company’s network by a state-sponsored actor that the Company had identified in late 2014. Based on further investigation with an outside forensic expert, the Company disclosed the Security Incident on September 22, 2016, and began notifying potentially affected users, regulators, and other stakeholders.

Now a board made up of independent counsel and a forensic expert is said to be investigating "the scope of knowledge within the company in 2014," as well as Yahoo's basic security measures and related incidents. The filing describes $1 million in losses for Yahoo relating to the security breach so far.

Additionally, Yahoo said that 23 class action lawsuits have been filed against the company by consumers targeted by the security breach in 2014, in both federal and state courts, as well as foreign courts. Plaintiffs in the cases claim to have been "harmed by the company's alleged actions and/or omissions" relating to the hack. The scope and monetary damages sought by each consumer was not divulged.

In attempts to move past the incident, Yahoo is cooperating with federal, state, and foreign governments and agencies who are investigating the hack. The biggest blowback for Yahoo might still be in its planned sale to Verizon, the latter company now asking for a $1 billion discount due to Yahoo's current turbulent drama with the news of the 2014 hack.

Tag: Yahoo

Top Rated Comments

macduke Avatar
macduke
83 months ago
I'd hope Yahoo gets into huge legal trouble for this, but all that does is hurt the lowly employees who lose their jobs as the company breaks apart. The executives that make these decisions never suffer any real-world consequences, and can bail out with their golden parachute as if nothing happened. We need to go after the executives and take the money out of their pockets. Once we strike fear into the heart of executives nation wide, then and only then will we have any real positive change for consumers. Executives who take clear, obviously negative actions that knowingly put their customers at risk should be held personally accountable—not the company itself. It should be a part of the assumed responsibility and risk you take in exchange for making millions of dollars per year.
Score: 9 Votes (Like | Disagree)
A MacBook lover Avatar
A MacBook lover
83 months ago
Marissa Mayer is a joke, how on earth is she still running yahoo?
Score: 7 Votes (Like | Disagree)
CarlJ Avatar
CarlJ
83 months ago
Information stolen included names, email addresses, telephone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers.
This is why not only do I have separate, long, random, passwords for every single site (thanks 1Password), but I also never answer "security questions" with legit answers. It's like they're saying, "please set up one secure password, plus three more that someone can find out by googling you". So my "security answers" are all completely nonsensical. By the way, my parents are Atilla the Hun and Joan of Arc, and I was born in 1752 in Mare Tranquillitatis on the moon.
Score: 2 Votes (Like | Disagree)
duervo Avatar
duervo
83 months ago
Screw Yahoo! Mail. I setup my own personal email server. It has classified material in it, but I don't care.
Score: 2 Votes (Like | Disagree)
2457282 Avatar
2457282
83 months ago
I thought there was a law that stated that a company must go public within 90 days if more than 500 people were affected. If that is true and Yahoo waited 2 years to go public, then I see a huge class action lawsuit coming.
Score: 2 Votes (Like | Disagree)
rizzo41999 Avatar
rizzo41999
83 months ago
Mayer is a fraud.
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone 15 Pro Buttons CAD Leak

iPhone 15 Pro Leak Reveals Unified Volume Button and Mute Button

Monday March 20, 2023 8:33 am PDT by
As previously rumored, the next-generation iPhone 15 Pro and iPhone 15 Pro Max will feature a unified volume button and a mute button, according to leaked CAD images shared in a video on the Chinese version of TikTok and posted to Twitter by ShrimpApplePro. Instead of separate buttons for volume up and volume down, the iPhone 15 Pro models are expected to have a single elongated button for...
Read Full Article400 comments
iOS 16

iOS 16.4 for iPhone Nearing Launch With These 5 New Features

Monday March 20, 2023 11:50 am PDT by
Apple says iOS 16.4 is coming in the spring, which began this week. In his Sunday newsletter, Bloomberg's Mark Gurman said the update should be released "in the next three weeks or so," meaning a public release is likely in late March or early April. iOS 16.4 remains in beta testing and introduces a handful of new features and changes for the iPhone. Below, we have recapped five new features ...
Read Full Article
voice isolation

iOS 16.4 Adds Voice Isolation for Cellular Phone Calls

Tuesday March 21, 2023 11:01 am PDT by
The iOS 16.4 update that is set to be released to the public in the near future includes voice isolation for cellular calls, according to notes that Apple shared today. Apple says that Voice Isolation will prioritize your voice and block out the ambient noise around you, making for clearer phone calls where you can better hear the person you're chatting with and vice versa. Voice...
Read Full Article81 comments
original iphone auction

Factory-Sealed Original iPhone Sells for $55,000 at Auction

Friday March 17, 2023 1:08 pm PDT by
A first-generation iPhone still sealed inside its box sold for $54,904 at auction, which is more than $54,000 over the original $599 price tag of the device when it was released in 2007. The original iPhone was put up for sale by RR Auction on behalf of a former Apple employee who purchased it back when it first came out. Back in February, an original, sealed iPhone sold for over $63,000,...
Read Full Article140 comments
airpodsd 3 purple 4

iOS 16.4 Seemingly References New AirPods and AirPods Case

Tuesday March 21, 2023 11:43 am PDT by
The iOS 16.4 release candidate version that was provided to developers today appears to hint at a new set of AirPods that could be coming in the near future. According to @aaronp613, the beta features references to AirPods that have a model number of A3048 and an AirPods case with a model number of A2968. There have been no rumors that new AirPods are on the horizon, and it is early for...
Read Full Article65 comments
iOS 16

Apple Seeds Release Candidate Versions of iOS 16.4 and iPadOS 16.4 to Developers [Update: Public RC Available]

Tuesday March 21, 2023 10:25 am PDT by
Apple today seeded the release candidate versions of upcoming iOS 16.4 and iPadOS 16.4 updates to developers for testing purposes, with the software coming a week after the launch of the fourth betas. The RCs mark the final version of the software that will be provided to the public in the near future. Registered developers are able to download the iOS 16.4 and iPadOS 16.4 updates...
Read Full Article54 comments
google bard

Google Opens Up Access to Bard AI Chatbot

Tuesday March 21, 2023 4:23 pm PDT by
Google today began allowing users to sign up to use Bard, its AI-powered chatbot that rivals Microsoft's Bing chatbot. First announced back in February, Bard is an experimental conversational AI service for Google Search. Those interested in Bard can join Google's waitlist to get access, and some users have reported getting invitation emails just hours after signing up. There are a long list ...
Read Full Article89 comments
smart monitor m8 samsung

Deals: Samsung's iMac-Like Smart Monitor M8 Drops to Lowest Price of Year So Far With $250 Discount

Monday March 20, 2023 8:27 am PDT by
Samsung today kicked off a special "Discover Samsung" event, which will be a week-long savings event focusing on Samsung monitors, smartphones, TVs, appliances, and more. While some deals will stick around the entire week (through March 26), others will refresh every day. Note: MacRumors is an affiliate partner with Samsung. When you click a link and make a purchase, we may receive a small...
Read Full Article82 comments