Yahoo’s Marissa Mayer Slammed By US Senators Over ‘Unacceptable’ Delay To Handling Data Leak

Yahoo’s competence in handling the aftermath of the theft of personal information of at least 500 million accounts has been heavily criticised by US senators.

The security breach happened back in 2014 and saw the theft of 500 million accounts. But the hack only came to light last week.

Millions of Sky and BT broadband customers could be affected, as BT had used Yahoo Mail for its email service until 2013. Sky meanwhile still uses Yahoo for its email service.

Letter To Marissa

Six Democratic US senators wrote a letter to Yahoo CEO all Marissa Mayer, demanding an explanation as to why it took two years for the hack to come to light. They called the company’s handling of the breach “unacceptable”, according to Reuters.

“That means millions of Americans’ data may have been compromised for two years,” the senators reported wrote. “This is unacceptable.”

The letter was signed by Senators Patrick Leahy, Al Franken, Elizabeth Warren, Richard Blumenthal, Ron Wyden and Edward Markey.

They have also asked Yahoo to provide them with information of Yahoo’s investigation into the hack, how it is co-operating with authorities, and what plans it has to protect affected users. They also want to know what steps Yahoo is taking and for a timeline of the hack and its discovery.

A Yahoo spokesman meanwhile reportedly said the firm would respond in a “timely and appropriate manner” to the letter.

Meanwhile the US securities watchdog Securities and Exchange Commission has reportedly warned companies to promptly disclose “cyber events”.

Lax Security?

Earlier this week cybersecurity specialist Venafi warned that despite the hack occurring two years ago, Yahoo had still not implemented strong digital certificates.

They also warned that Yahoo is still using cryptography (MD5) that has been known to be vulnerable for many years now.

It should be noted that Yahoo has been hacked before. In 2012 Yahoo admitted it had been hacked, after more than 450,000 Yahoo passwords had been posted online.

The core assets of Yahoo are in the middle of the process of being acquired by Verizon for $4.83 billion (£3.86bn).

How well do you know network security? Try our quiz and find out!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

View Comments

  • With reference to “That means millions of Americans’ data may have been compromised for two years,” Not to mention non-Americans who may not even have been aware that their email was linked to Yahoo. Strange that there was no such outburst during the NSA mass data collection campaigns. Whoops, sorry, I overlooked the issue of "National Security". Perhaps this is a case of "What goes around comes around".

Recent Posts

BNP Paribas Joins JP Morgan Blockchain Trading Network

French bank BNP Paribas becomes first European bank to join JP Morgan's blockchain-based Onyx Digital…

15 hours ago

SEC Held Off Elon Musk Enforcement ‘Due To Court Fears’

US securities regulators may have refrained from enforcement actions against Elon Musk due to discouraging…

15 hours ago

Snap Earnings Warning Triggers Tech Sell-Off

Investors spooked after Snap warns of deteriorating economic conditions, says earnings now 'below the low…

17 hours ago

Russian Operator Discounts Smartphones As Sanctions Bite

Biggest Russian mobile operator MTS begins selling discounted and second-hand smartphones as Russians hit by…

18 hours ago

Clearview AI Fined £7.5m Over Facial Recognition Data

UK Information Commissioner's Office orders controversial facial recognition firm Clearview AI to delete data it…

19 hours ago

Airbnb To Pull Out Of China Amidst ‘Pandemic Challenges’

Airbnb to pull out of China as ongoing zero-Covid policy places severe restrictions on domestic…

20 hours ago