“Yahoo knew!” – Following a company filing, Yahoo admits that they knew from 2014

Yahoo seems to have ‘put their foot in it’ following revelations about the massive data breaches.

In a recent company’s filing with the U.S. Securities and Exchange Commission (SEC), it revealed that many employees knew of the hack since 2014 and that the data breach had been a ‘recent investigation’ when the company announced the news on September 22.

Many employees reportedly knew

The knowledge of the data breach and Yahoo claiming that the breach was a recent occurrence interlinks with each other.

The filing revealed that many employees knew of the data breach, which affected over 500 million users firstly, and then moved to over a billion this month. It did not detail further about the number of employees that knew of the data breach.

The SEC filings are something that is required in relation to the company’s quarterly financial earnings. They were not specifically meant to uncover the extent of the massive security breach, but some may say that it is a good job that it did. Without the filings, we would have never known that Yahoo reportedly already knew of the breach back in 2014.

‘Recent investigation’

What is most concerning is the fact that Yahoo only initiated investigations into the data breach after its September announcement; seemingly waiting more than two years. The tech giants said that they only knew of the hack in July, when the hackers ‘Peace_of_Mind’ offered around 200 million of Yahoo’s users’ for sale on the dark web. But following the revelations in the SEC filing, we know that that was untrue.

Did the top management team know?

While it is too early to verify the truth in the hacker’s claims, we can say for sure that Yahoo has admitted to an ‘older cyber-attack’ that took place in late 2014. The filing was not a hundred percent helpful as it did not detail the exact numbers of employees that knew and also whether Yahoo’s top management team knew.

It would be inconceivable to believe that Yahoo’s management team did not know of the breach. However, that is up for debate. Some say that, due to the complex structure of the management team, it could have been possible that Yahoo’s top team were never notified of the security breach, which led to the lack of action.

State-sponsored hack

Investigators are still looking at the nature of the hack, but some believe that Yahoo fell victim to a state-sponsored hack. The foreign hacker is thought to have created cookies that allowed them to bypass the need for a password which then allowed them access to users’ account and their personal information stored on the account.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.