New York — The US Securities and Exchange Commission
(SEC) is investigating a previously disclosed data breach at Yahoo, the
company said in a filing.
Yahoo said in a November 2016 quarterly filing that it was "co-operating with federal, state and foreign" agencies, including the SEC, that were seeking information and documents about a "security incident and related matters". The SEC was investigating whether two massive data breaches at Yahoo should have been reported sooner to investors, The Wall Street Journal reported on Sunday, citing people familiar with the matter.
An SEC spokesperson declined to comment. A Yahoo spokesperson directed Reuters to the company’s November filing.
Yahoo has faced pointed questions about exactly when it knew about a 2014 cyber attack it announced in September that exposed the e-mail credentials of half a billion accounts.
In December, Yahoo said it had uncovered yet another huge cyber attack, saying data from more than 1-billion user accounts were compromised in August 2013.
The SEC issued requests for documents in December, as it probed whether the technology company’s disclosures about the cyber attacks complied with civil securities laws, the people said, according to the journal.
Securities industry rules require companies to disclose cyber breaches to investors. Although the SEC has long-standing guidance on when publicly traded companies should report hacking incidents, companies that have experienced known breaches often omit those details in regulatory filings, according to a 2012 Reuters investigation. Democratic US Senator Mark Warner asked the SEC in September to investigate whether Yahoo and its senior executives fulfilled obligations to inform investors and the public about the 2014 hacking attack.
The disclosures from Yahoo about both breaches came after the company agreed to sell its main business to Verizon Communications in July, triggering questions about whether the deal would still be viable and, if so, at what price.
Other agencies looking into the data breach include the Federal Trade Commission, the US attorney’s office in Manhattan and "a number of state attorneys-general," Yahoo said in the November filing.
Reuters/BDlive
Yahoo said in a November 2016 quarterly filing that it was "co-operating with federal, state and foreign" agencies, including the SEC, that were seeking information and documents about a "security incident and related matters". The SEC was investigating whether two massive data breaches at Yahoo should have been reported sooner to investors, The Wall Street Journal reported on Sunday, citing people familiar with the matter.
An SEC spokesperson declined to comment. A Yahoo spokesperson directed Reuters to the company’s November filing.
Yahoo has faced pointed questions about exactly when it knew about a 2014 cyber attack it announced in September that exposed the e-mail credentials of half a billion accounts.
In December, Yahoo said it had uncovered yet another huge cyber attack, saying data from more than 1-billion user accounts were compromised in August 2013.
The SEC issued requests for documents in December, as it probed whether the technology company’s disclosures about the cyber attacks complied with civil securities laws, the people said, according to the journal.
Securities industry rules require companies to disclose cyber breaches to investors. Although the SEC has long-standing guidance on when publicly traded companies should report hacking incidents, companies that have experienced known breaches often omit those details in regulatory filings, according to a 2012 Reuters investigation. Democratic US Senator Mark Warner asked the SEC in September to investigate whether Yahoo and its senior executives fulfilled obligations to inform investors and the public about the 2014 hacking attack.
The disclosures from Yahoo about both breaches came after the company agreed to sell its main business to Verizon Communications in July, triggering questions about whether the deal would still be viable and, if so, at what price.
Other agencies looking into the data breach include the Federal Trade Commission, the US attorney’s office in Manhattan and "a number of state attorneys-general," Yahoo said in the November filing.
Reuters/BDlive
No comments:
Post a Comment