In 2014, Yahoo executives did not react well to a hacker breach in 2014 that compromised up to a half-billion user accounts held by the early online platform, according to Computer World. The originators of the “state-sponsored” breach have not been disclosed, but the perpetrators gleaned personal information from the violated accounts which included back-up files containing e-mail addresses, phone numbers and other such data Yahoo holds in its user profiles.
Yahoo’s security team at that time knew of the breach, but no action was taken to investigate the intrusion. However, the company did set new security features in place in an attempt to prevent another incident.An investigation was initiated after news about the breach went public in 2016 a few months after reports surfaced about the sale of stolen data from Yahoo.
In Nov. of 2016, authorities presented Yahoo with stolen data which was not from the 2014 incident but from another breach which had apparently occurred in 2013, somehow unnoticed. An estimated 1 billion user files were reportedly compromised in the 2013 incident.
Yahoo created its own investigative panel last year to hash out the details of what happened in 2014 and how it happened. The panel stated after the breach, Yahoo’s legal team did not pursue the violation further although they had grounds to do so.
Information on the hacking occurrences took place on the cusp of a multi-billion-dollar transaction in which Verizon was set to buy out Yahoo. Yahoo will ultimately sold to the communications giant later this year, but at a discount of about $385 million to the original $4.83 billion offer.
A number of class action lawsuits have already been filed against Yahoo.