Described as the biggest known breach of a company’s computer network...
The company initially disclosed the event in 2016 stating that the 2013 attack on its network had affected one billion accounts. In October 2017, Yahoo's new owner Verizon discovered that 3 billion, not 1 billion, accounts had been compromised.
The unidentified 2013 hackers (said to be unconnected to those behind the company's 2014 hack) exfiltrated names, dates of birth, email addresses, security questions and answers and poorly protected passwords.
In March 2018 it was reported that the company agreed to pay $80 million to settle a federal securities class action lawsuit following the massive data breaches. The settlement included all those who purchased Yahoo securities on the open market between April 2013 and Dec 2016.
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.