Yahoo was fined $35 million by the SEC for data breach in 2014

The U.S. Securities and Exchange Commission (SEC) announced on Tuesday that it imposed a fine of $35 million on Altaba for an allegation of the latter. The accusation was that former Yahoo was accused of concealing it from investors for more than two years. Year of large-scale network security flaws. This is the first time the SEC has punished a company for failing to disclose information related to cybersecurity breaches. Altaba agreed to close the case but did not admit or deny any wrongdoing.

The U.S. Securities and Exchange Commission issued a statement saying that after a few days of cyber attacks in 2014, the former Yahoo’s information security team had already learned of this. In the attack, Russian hackers stole email addresses, passwords, and security issues of former Yahoo users. The statement pointed out that although the former Yahoo’s information security team learned of the attack and reported it to the senior management and legal department, the company did not conduct a proper investigation and it did not disclose it to the public until two years later. This happened when the company was in the process of being acquired by Verizon Communication Inc.

Last year, the US Department of Justice announced investigations into the role of four involved persons in the theft case of 500 million Yahoo accounts, including two officials of the Federal Security Service. One of the involved persons was Karim Baratov, a Canadian citizen born in Kazakhstan. He had pleaded guilty at the end of last year and admitted that he had helped Russian intelligence agencies crack email accounts. Baratov is expected to be sentenced on Tuesday for his role in the Yahoo hacking case.

In the investigation of the hacker case in 2014, Yahoo also discovered another network attack in 2013. In this incident, all of the company’s 3 billion accounts were stolen. This is the largest scale so far. Knowing consumer information theft.

Source: theverge