SEC Probes Yahoo For Delayed Disclosure Of 2 Massive Data Breaches
SUNNYVALE (CBS SF) -- The Securities and Exchange Commission is reportedly investigating two massive data breaches at Yahoo.
The Wall Street Journal reports the focus of the investigation is whether Yahoo should have reported the hacks earlier.
One data breach in 2013 affected as many as a billion user accounts but it wasn't reported until December 2016.
The SEC requires companies to report "cybersecurity risks as soon as they are determined to have an effect on investors."
Another breach in 2014 affected some 500 million user accounts. Yahoo disclosed the incident in September 2016.
If the SEC determines wrongdoing, it would be the first case against a company for "failing to disclose a cyberbreach" and "could prove to be a major test in defining when a company is required to disclose a hack."