×
You will be redirected back to your article in seconds

Yahoo Hack: Senators Call on CEO Marissa Mayer to Explain Why It Took Two Years to Report Massive Breach

Six Democratic U.S. senators sent a letter to Yahoo CEO Marissa Mayer asking for more details on the hack in which data on more than 500 million user accounts was stolen and saying it was “unacceptable” that it took the internet company the two years to report the attack.

In the Sept. 27 letter, Sens. Ed Markey (D-Mass.), Patrick Leahy (D-Vt.) and four other Senators requested that the company provide a timeline of the hack, including when law enforcement and users were notified, as well as info on how widespread the hack is and what Yahoo is doing to prevent such a hack in the future. The breach is believed to be the largest-ever single theft of user data.

The lawmakers said they were “disturbed that user information was first compromised in 2014, yet the company only announced the breach last week. That means millions of Americans’ data may have been compromised for two years. This is unacceptable.”

A Yahoo rep said in an emailed statement, “We have received the letter and will work to respond in a timely and appropriate manner.”

Mayer has known since July about the company’s investigation into allegations of a major security breach, the Financial Times reported last week, citing an anonymous source.

The company, which reached a deal in July to sell its core web businesses to Verizon for $4.8 billion, last week said a “state-sponsored actor” broke in Yahoo’s network in late 2014 and stole usersnames, hashed passwords, and other personal info for at least 500 million accounts worldwide. Yahoo has not provided an explanation for why it has taken two years to report the incident, nor did it identify the country it believes was behind the attack.

“The stolen data included usernames, passwords, email addresses, telephone numbers, dates of birth, and security questions and answers,” the senators wrote in the letter to Mayer. “This is highly sensitive, personal information that hackers can use not only to access Yahoo customer accounts, but also potentially to gain access to any other account or service that users access with similar login or personal information, including bank information and social media profiles.”

In addition to Leahy and Markey, the letter was signed by Sens. Al Franken (D-Minn.), Elizabeth Warren (D-Mass.), Richard Blumenthal (D-Conn.) and Ron Wyden (D-Ore.). The inquiry comes a day after Sen. Mark Warner (D-Va.) asked the Securities and Exchange Commission to investigate whether Yahoo and its senior executives “fulfilled their obligations” under federal securities laws to inform the public and investors about the security breach.

According to Verizon, Yahoo informed the telco of the scope of the breach two days before Yahoo announced the incident on Sept. 22. Yahoo said in a Sept. 9 proxy statement filed with SEC that “there have not been any incidents of, or third-party claims alleging, (i) Security Breaches, unauthorized access or unauthorized use of any of Seller’s or the Business Subsidiaries’ information technology systems or (ii) loss, theft, unauthorized access or acquisition, modification, disclosure, corruption, or other misuse of any Personal Data” in its possession.

Experts say Yahoo’s costs associated with the security breach will run into the tens of millions of dollars, and could lead Verizon to renegotiate or void its proposed acquisition. The security breach has already spawned several proposed class-action lawsuits by users.

Yahoo has recommended that users who haven’t changed their passwords since 2014 do so, and the company said it was working with law-enforcement officials to investigate the incident. According to the company, based on what it has learned so far, none of the stolen information included unprotected passwords, payment-card data, or bank-account information.

More Digital

  • China Video Streaming Giant iQIYI Loses

    Chinese Video Giant iQIYI Loses $1.3 Billion in 2018

    Chinese video streaming firm iQIYI lost over $1.3 billion in 2018, as revenues and subscriber numbers ballooned. The deepening losses reflected ever higher spending on original content production. Announcing its first full-year financials since a March IPO that launched it onto the NASDAQ, iQIYI said that it lost $1.3 billion (RMB9.1 billion) last compared with [...]

  • Roku headquarters

    Roku Aims to Top $1 Billion in Revenue in 2019, Beats Holiday Quarter Earnings Expectations

    Roku wants to become a billion-dollar company in 2019, and invest more in its ongoing international expansion. The streaming-device maker told investors on Thursday that it expects to generate between $1 billion and $1.025 billion this year, and that international growth was one of its key investment areas for 2019. Roku made these announcements as [...]

  • Vice Media

    Vice Media Taps Joe Simon as Chief Technology Officer (EXCLUSIVE)

    Joe Simon has been tapped as chief technology officer at Vice Media. The newly created role will include oversight of data analytics, engineering, information technology, media operations, media technology, post production, and systems management. Prior to Vice, Simon spent three years as Encompass Digital Media’s chief operating officer. Previously he held the chief technology officer [...]

  • att_logo

    AT&T Suspends YouTube Ad Spending as Boycott Over 'Pedophilia' Videos Scandal Widens

    AT&T, one month after it thought it was safe to advertise on YouTube again, said it is pulling all advertising spending from the world’s biggest video platform. The telco joins a boycott by marketers alarmed by the discovery that a secret group of child predators has been using YouTube to make sexual comments about kids. [...]

  • VR Pop-Up Opens Doors in Manhattan

    Future of Storytelling Pop-Up VR Arcade Is Coming to Manhattan

    Manhattan is getting a location-based virtual reality (VR) pop-up, courtesy of Future of Storytelling: The temporary Story Arcade will open its doors in the Starrett-Lehigh building this coming Saturday, and host a number of VR experiences, including Felix & Paul Studio’s “Traveling While Black,” Fable’s “Wolves in the Walls” and MWM Immersive’s immersive theater VR [...]

  • Amy Winehouse

    Amy Winehouse Hologram Tour Canceled Over 'Challenges and Sensitivities'

    Amy Winehouse will not be “Back to Black” in a holographic live tour after all. The late British singer, who died in 2011, was to be featured in a stage show slated to launch near the end of 2019. But the producer of the show, BASE Hologram, has indefinitely postponed plans for the Winehouse show, [...]

More From Our Brands

Access exclusive content