Fallout Continues from Yahoo’s Massive Data Breach

September 27, 2016, Written By John H. Oldshue
Ostersund, Sweden - June 23, 2016: Yahoo website under a magnifying glass. Yahoo is a multinational Internet corporation globally known for its Web portal, search engine Yahoo Search.

The shock waves from Yahoo’s massive data breach could produce ripple effects that go well beyond the 500 million accounts.

Yahoo informed users last Thursday that nearly 500 million accounts were stolen in 2014. The theft, which the company believes may have been state-sponsored, included names, email addresses, telephone numbers, birth dates, and in some cases, encrypted and unencrypted security questions and answers. With 500 million affected users, this is officially the largest breach in history, surpassing the 360 million users affected by the MySpace breach earlier this year.

In wake of the news, many Yahoo users, who voiced outrage that it took the company two years to discover the breach, have closed their accounts.

Many users are taking even more serious action. Two lawsuits have been filed in California. A lawsuit filed in the U.S. District Court in San Diego says the leaked personal information creates an “intrusion into personal financial matters,” and a complaint filed in U.S. District Court in San Jose says Yahoo was “grossly negligent” in discovering and reporting the breach.

The breach also has the potential of disrupting the pending deal that Yahoo has with Verizon. Yahoo has been losing users, traffic and ad revenue in recent years, and agreed to sell their core Internet business for $4.8 billion to Verizon. The deal was set to be completed in the first quarter of 2017, but Jeff Kagan, a Georgia-based industry analyst told The Washington Post, “The dark cloud this casts will be very long and will likely impact the merger agreement.”

In August, the company had said it was investigating the possible breach of 200 million accounts after a hacker named Peace posted this information for sale on the dark web. At the time, the company said that data likely came from a 2012 breach. There is no word on whether or not Peace’s recent sale came from the 2012 or 2014 breach.

The information contained within this article was accurate as of September 27, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.