SEC probing Yahoo over previously
disclosed cyber breach: filing
Send a link to a friend
[January 23, 2017]
By Suzanne Barlyn
(Reuters) - The U.S. Securities and
Exchange Commission is investigating a previously disclosed data breach
at Yahoo Inc, the company said in a filing.
Yahoo said in a November 2016 quarterly filing that it was “cooperating
with federal, state and foreign” agencies, including the SEC, that were
seeking information and documents about a "security incident and related
The SEC is investigating whether two massive data breaches at Yahoo
should have been reported sooner to investors, the Wall Street Journal
reported on Sunday, citing people familiar with the matter.
An SEC spokesman declined to comment. A Yahoo spokesman directed Reuters
to the company's November filing.
Yahoo has faced pointed questions about exactly when it knew about a
2014 cyber attack it announced in September that exposed the email
credentials of half a billion accounts.
In December, Yahoo said it had uncovered yet another massive cyber
attack, saying data from more than 1 billion user accounts was
compromised in August 2013.
The SEC issued requests for documents in December, as it probes whether
the technology company’s disclosures about the cyber attacks complied
with civil securities laws, the people said, according to the Journal.
Securities industry rules require companies to disclose cyber breaches
to investors. Although the SEC has long-standing guidance on when
publicly traded companies should report hacking incidents, companies
that have experienced known breaches often omit those details in
regulatory filings, according to a 2012 Reuters
[to top of second column]
A photo illustration shows a Yahoo logo on a smartphone in front of
a displayed cyber code and keyboard on December 15, 2016.
REUTERS/Dado Ruvic/File Illustration
Democratic U.S. Senator Mark Warner asked the SEC in September to
investigate whether Yahoo and its senior executives fulfilled
obligations to inform investors and the public about the 2014
The disclosures from Yahoo about both breaches came after the
company agreed to sell its main business to Verizon Communications
Inc in July, triggering questions about whether the deal would still
be viable and, if so, at what price.
Other agencies looking into the data breach include the Federal
Trade Commission, the U.S. Attorney’s Office in Manhattan and “a
number of State Attorneys General,” Yahoo said in the November
(Reporting by Suzanne Barlyn in New York; Editing by Peter Cooney)
[© 2017 Thomson Reuters. All rights
Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.