Menu
Six US senators demand more details about the Yahoo data breach

Six US senators demand more details about the Yahoo data breach

The lawmakers call the 500 million-user breach 'unacceptable,'

Six U.S. senators have called Yahoo's massive data breach "unacceptable," and they're demanding that the company provide more details about the incident.

In a letter addressed to Yahoo's CEO, the lawmakers said they were particularly "disturbed" that the breach occurred in 2014, but that Yahoo only publicized it last week.

"That means millions of Americans' data may have been compromised for two years," the letter said. "This is unacceptable."

The hacking incident, which Yahoo said it only learned recently, affects at least 500 million users, making it perhaps the largest known data breach in history. Account information, including email addresses, telephone numbers, and hashed passwords, may have been stolen.

Yahoo has blamed the breach on a "state-sponsored actor," but it hasn't provided details or any evidence to support that claim.

Tuesday's letter asks that Yahoo provide a briefing to the senators' staff about the breach. The lawmakers have also provided a list of questions for the company to answer. Among them is a request that Yahoo provide a timeline on when and how it discovered the breach.

Yahoo didn't immediately respond to a request for comments. But a source familiar with the matter said the company only learned of the hack this past summer, after investigating another possible data breach involving the black market.

Around early August, a hacker was found allegedly selling account details of 200 million Yahoo users. The company investigated and concluded that the sale wasn't legitimate. However, Yahoo decided to launch a broader probe into its systems that uncovered evidence of the more serious data breach.

The six senators, however, are asking how such a large intrusion into Yahoo could have gone undetected for so long. The senators, all Democrats, include Patrick Leahy of Vermont, Al Franken of Minnesota, Richard Blumenthal of Connecticut, Ron Wyden of Oregon, and Edward Markey and Elizabeth Warren of Massachusetts.

On Monday, Senator Mark Warner, a Virginia Democrat, also sent a letter, but to the U.S. Securities and Exchange Commission, asking that the agency investigate Yahoo's handling of the breach and if it kept investors properly informed.

"The public ought to know what senior executives at Yahoo knew of the breach, and when they knew it.” Warner wrote.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments