SEC hits Yahoo with $35 million fine for failing to disclose massive 2014 data breach

[Polycount]

If you haven't been keeping tabs on Yahoo lately, you wouldn't be alone. With the exception of the massive 2014 data breach that exposed the personal data of roughly 500 million users, the company has all but dropped off the map for many.

Unfortunately for Yahoo, that very data breach has come back to haunt them yet again. Although the breach initially took place in 2014, Yahoo never disclosed the incident - it wasn't until 2016 that the media discovered the breach and began reporting on it.

As we reported in January last year, the SEC opened an investigation into the matter to determine whether or not Yahoo's decision to avoid disclosing the breach broke any laws.

Now, the SEC has finally come to a decision. The organization has announced that the "entity formerly known as Yahoo! Inc." has agreed to pay a $35 million penalty to settle charges that it misled investors by "failing to disclose one of the world’s largest data breaches."

...the SEC's Steven Peikin made it clear that the commission doesn't take issue with a company simply taking some additional time to disclose a breach...

In a statement, the SEC's Steven Peikin made it clear that the commission doesn't take issue with a company simply taking some additional time to disclose a breach -- indeed, in some cases it's necessary -- but he warns that the organization's patience is not infinite.

"...we [have cautioned] that a company’s response to such an event could be so lacking that an enforcement action would be warranted," Peikin said regarding the incident. "This is clearly such a case."

Permalink to story.

https://www.techspot.com/news/74306-sec-hits-yahoo-35-million-fine-failing-disclose.html

 

[psycros]

Yahoo is one of the best examples of how to destroy a successful online operation. They did nothing to retain their best and brightest, and thus Google stole away their top search engine architect. While Google and Microsoft were rolling out free POP/IMAP email Yahoo started charging for theirs. Yahoo had a ton of great home-built features and sub-sites but finding most of them was like searching through a dark forest with a candle. Multiple voices, my own included, urged Yahoo's upper management to form partnerships with magazine publishers and become a single portal for digital periodicals. Instead they floundered around and tried to invade their user's privacy ala Facebook long after the social media ship had sailed. Even AOL with all its missteps had better luck than Yahoo which sold off, discontinued or simply wrecked everything that ever made it special.

 

[Uncle Al]

Well played .... let's just hope they show the same tenacity towards Facebook with a pro-rated fine ..... let's open the bidding at 1 billion ......

 

[JaredTheDragon]

And yet Yahoo still has by far the best browser-based email client. Gmail and Outlook are just terrible; one too cluttered, one too sparse. Of course that has no bearing on their breach and response - they deserve this kind of heat, and $35M isn't a drop in the bucket for Yahoo anymore.