Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Yahoo! Government Security The Almighty Buck United States

SEC Issues $35 Million Fine Over Yahoo Failing To Disclose Data Breach (theverge.com) 35

Altaba, the company formerly known as Yahoo, will have to pay a $35 million fine for failing to disclose a 2014 data breach in which hackers stole info on over 500 million accounts. "The U.S. Securities and Exchange Commission announced today that Altaba, which contains Yahoo's remains, agreed to pay the fine to settle charges that it misled investors by not informing them of the hack until September 2016, despite known of it as early as December 2014," reports The Verge. From the report: The SEC goes on to admonish Yahoo for its failure to disclose the breach to investors, saying that the agency wouldn't "second-guess good faith exercises of judgment" but that Yahoo's decisions were "so lacking" that a fine was necessary. Yahoo isn't being fined for having poor security practices, not informing users, or really anything related to the hack happening. The SEC is just mad that investors weren't told about it, because -- as Yahoo even noted in filings to investors -- data breaches can have financial impacts and legal implications. With a breach this large, the SEC believes that was obviously a real risk. "Public companies should have controls and procedures in place to properly evaluate cyber incidents and disclose material information to investors," Jina Choi, director of the SEC's San Francisco Regional Office, said in a statement. The SEC released guidance to public companies on what to disclose about data breaches earlier this year, which could help to avoid similar situations in the future.
This discussion has been archived. No new comments can be posted.

SEC Issues $35 Million Fine Over Yahoo Failing To Disclose Data Breach

Comments Filter:
  • by jwhyche ( 6192 ) on Tuesday April 24, 2018 @05:43PM (#56497245) Homepage

    Does Yahoo have 35 million laying around? I Yahoo even worth this much to verizon?

    • Verizon paid $4.48 billion for them so you would think that wouldn't be a problem.

      • Yahoo, will have to pay a $35 million fine for failing to disclose a 2014 data breach

        "Smithers, take it from petty cash, and we're done". The GDPR may be a bit overreaching in places, but one thing they have got right is the fines, that's something companies can't ignore any more. For the first time, shareholder value will now be tied to looking after people's private details.

  • by dyfet ( 154716 ) on Tuesday April 24, 2018 @05:56PM (#56497289) Homepage

    Privacy is cheap according to the SEC.

    • Privacy is cheap according to the SEC.

      It is not the SEC's job to protect your privacy. This fine was about protecting the rights of investors, not users, and there were a lot less than 500 million Yahoo investors.

      • It's not clear to me how this protects investors. The company pays the SEC, the company value goes down. The stock price goes down.

        It's bullshit. The penalty should be levied against the C-level executives who hid the breach, not the company.

        • It works by deterring future offenders, not by helping current investors.

          • In what way is anyone deterred from doing it in the future?
            Are any of the people involved imprisoned? Are we taking their money/property away?

            • Are we taking their money/property away?

              It is very likely that, as we type, some law firm is preparing a shareholder lawsuit against the executives that made the decision, to recoup some or all of the $35M.

  • will be paying the fine? Yeah, didn't think so.
  • Comment removed based on user account deletion
  • I would have hoped that not securing your data and allowing customer data to get into the hands of who knows who would be worth at least $1 per account affected. No need to invest in proper IT security if you have the cash on hand.
  • Do the cheated public ever get to see any of these so called 'fines' at all or does it all go to Uncle Sam who just encourages more of such pathetic capitalistic companies that dont care about privacy ?? Europe rocks for privacy.
    • by Anonymous Coward

      Once a upon a time when the federal government was not yet a giant squid and deficit spending with no plan to ever go cash positive was not a feature of the federal budget; yes the public benefited in the sense that government had more money to spend on services without additional tax revenue. I'll gotten gains could be recorded from bad actors and society could be reembursed for some of their harms.

      In the modern era there is no relationship (only a slight exaggeration) between the treasury, taxes, or othe

      • by epine ( 68316 )

        Mayer should be personally fined for "misleading investors while serving as an officer of a public company" or something.

        I don't see the difficulty here.

        Executive bonuses should be recalculated retroactively with these kinds of fines allocated to the point of cause rather than the point of outcome, and then clawbacks all around.

        At the scale of Volkswagen, this would have wiped every executive bonus off the map, with effects spread over a multiple year period.

        Yahoo was failing for a long time and I suspect b

  • Weren'tt there multiple breaches? This fine is specifically for the 2014 one.

  • 3B in revenue. 35M fine. Like a pimple that needs to be popped.

  • Truly shocking! Have they not considered the impact this could have on investment bankers' bonuses--in this year alone?

  • Their Oracle told them years ago.

    (Yet Another Hierarchical Officious Oracle!)

Show me a man who is a good loser and I'll show you a man who is playing golf with his boss.

Working...