Security & Fraud

Yahoo Discovered Hack Two Years Before It Disclosed It

Yahoo’s deal to sell its core assets to Verizon may have been dealt a new blow when the internet company disclosed in a Securities and Exchange Commission filing that it discovered the hack that led to the compromise of a half-a-million user accounts two years before it went public with it.

In an SEC filing, Yahoo said it discovered the attacks, which the company continues to contend happened by a “state-sponsored actor,” shortly after it happened at the end of 2014. The company didn’t realize the extent of the compromise until a hacker claimed this past July he or she had vast amounts of Yahoo user data. Yahoo also said in the SEC filing it has been working with forensic security experts and that the investigation cost it $1 million in the third quarter.

In the filing, Yahoo also provided more information about the massive hack in 2014. Yahoo said the “state-sponsored actor” may have created cookies that could enable them to bypass the need for a password. They then had access to users’ accounts and account information. An independent committee is looking into who inside Yahoo knew about the hack and when. In that same filing, Yahoo disclosed another more recent hack. Yahoo said on Monday (Nov. 7) law enforcement authorities began sharing data they said was provided by a hacker. The hacker claimed the information came from a Yahoo user account. Yahoo said it’s working with forensic experts to analyze and investigate the claim.

The disclosures come as Yahoo is trying to close on its deal to sell its core assets to Verizon. It’s not clear if the disclosure in the filing and the previously announced hack will result in Verizon paying less for Yahoo’s core assets or walking away completely.


Latest Insights: 

With an estimated 64 million connected cars on the road by year’s end, QSRs are scrambling to win consumer drive-time dollars via in-dash ordering capabilities, while automakers like Tesla are developing new retail-centric charging stations. The PYMNTS Commerce Connected Playbook explores how the connected car is putting $230 billion worth of connected car spend into overdrive.

Click to comment


To Top