Yahoo! data breach litigation to proceed
On 9 March 2018, the United States District Court for the Northern District of California, San Jose Division, granted in part and denied in part Yahoo! Inc. (‘Yahoo’) and Aabaco Small Business, LLC’s (‘Aabaco’) (collectively, ‘the Defendants’) motion to dismiss the putative class litigation brought by nine named individuals (‘the Plaintiffs’) over the way the Defendants handled several data breaches that occurred between 2013 and 2016. See discussion at:
Update:
The U.S. Securities and Exchange Commission (“SEC”) issued a press release on April 24, 2018 announcing a $35 million penalty payment by Yahoo! (n/k/a Altaba), in order to settle charges that it misled investors by failing to disclose “one of the world’s largest data breaches…” As noted by the SEC, “within days of the December 2014 intrusion, Yahoo’s information security team learned that Russian hackers had stolen what the security team referred to internally as the company’s ‘crown jewels…” The SEC’s San Francisco regional director commented that “Yahoo’s failure to have controls and procedures in place to assess its cyber-disclosure obligations ended up leaving its investors totally in the dark…” Altaba, Formerly Known as Yahoo!, Charged With Failing to Disclose Massive Cybersecurity Breach; Agrees To Pay $35 Million The case reportedly is the first time the SEC has pursued a company for failing to disclose a data breach. U.S. regulator fines Altaba $35 million over 2014 Yahoo email hack
cyberpeg'd 