Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Yahoo to pay $35M for failing to disclose massive cyber-security breach

Jaclyn Jaeger | April 24, 2018

The Securities and Exchange Commission announced Tuesday that Altaba—the entity formerly known as Yahoo—has agreed to pay a $35 million penalty to settle charges that it misled investors by failing to disclose one of the largest data breaches in history, in which hackers stole personal data relating to at least 500 million user accounts.

Within days of the December 2014 intrusion, according to the SEC’s order, Yahoo’s information security team learned that Russian hackers had stolen what the team referred to internally as the company’s “crown jewels”: usernames, email addresses, phone numbers, birthdates, encrypted passwords, and security questions and answers for hundreds of millions of user accounts. Yahoo...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.