Yahoo waited 18 months to investigate massive security breach

Yahoo knew about a data breach for 18 months before taking action. AP Photo/Marcio Jose Sanchez

SAN FRANCISCO – Yahoo detected evidence that a hacker had broken into its computer network at least 18 months before launching an investigation that discovered personal information had been stolen from about 500 million user accounts.

The timeline outlined in a regulatory filing raises further questions about why it took Yahoo so long to realize the severity of its security breakdown. It also could provide Verizon Communications with reason to revise or terminate its $4.8 billion deal to buy Yahoo’s online services.

Yahoo disclosed the size of the breach seven weeks ago. At that time, Yahoo traced its findings to an inquiry opened in late July, around the same time that Verizon announced its agreement to buy Yahoo’s email service, digital advertising tools and sections devoted to news, sports, finance and entertainment.

Verizon says it wasn’t informed of the hacking attack until a few days before Yahoo told its users in late September.

In its regulatory filing late Wednesday, Yahoo acknowledged the company first became aware of the hack in late 2014. The Sunnyvale, California, company said its board is now investigating how much was known back in 2014.

Verizon declined to comment on Yahoo’s latest disclosure. The company’s executives have previously said Verizon is re-evaluating its deal with Yahoo because the breach could alienate a large swath of users who may rely on Yahoo’s email and other services less frequently in order to protect their privacy. If there is a user backlash, Yahoo’s services wouldn’t be worth as much to Verizon, which is counting on a large audience to sell more digital advertising.

Yahoo has sought to reassure its users that the hacker no longer has access to its computers. The company also has prompted users to change their passwords and security questions to protect their accounts.

In its regulatory filing, Yahoo Inc. also revealed that the hacker created computer coding known as “cookies” that would allow someone to view information in user accounts without the need for a password. The company also said it will analyze information turned over by the FBI from a hacker claiming it came from Yahoo accounts.
