Senators call Yahoo’s delayed disclosure of 2014 hack ‘unacceptable’

Chuck E. Cheese recycles pizza is the conspiracy theory that won’t die
No matter how often it is debunked, people want to believe.

See all Editor's Picks

Yahoo is facing a landslide of lawsuits and political criticism after it revealed only last week that a 2014 hack exposed information for 500 million of its user accounts.

Six Democratic U.S. senators called the delay “unacceptable” in a letter sent to CEO Marissa Mayer. “Disturbed” that a 2-year-old intrusion was detected so slowly, the senators asked for more information on the breach.

The letter was sent by Sens. Patrick Leahy (D-Vt.), Al Franken (D-Minn.), Elizabeth Warren (D-Mass.), Richard Blumenthal (D-Ct.), Ron Wyden (D-Ore.), and Edward Markey (D-Mass.). 

Sen. Patrick Leahy

The tech firm now faces multiple lawsuits filed over the last week charging that Yahoo failed to protect users’ information. One lawsuit, filed by Edward McMahon of New York, accused Yahoo of “intentionally, willfully, recklessly, or negligently” failing to protect its systems.

Yahoo’s woes comes in the middle of a $4.8 billion acquisition of Yahoo’s core business by Verizon over the course of the next year. Whether this news will derail that remains to be seen. Tim Armstrong, chief executive of Verizon-owned AOL, said on Monday the investigation is still “very early stages.”

“A recent investigation by Yahoo … has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor,” the company wrote in a statement last week. 

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.”

The identity of the state-sponsored actor has yet to be disclosed by investigators.

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.