Since Yahoo disclosed two mega-breaches late last year, its executives have met almost daily with CEO Marissa Mayer for working sessions focused on improving the company’s cybersecurity posture. Employees have also received weekly security presentations from Yahoo CISO Bob Lord at the company’s all-hands meetings. The new working sessions and briefings are part of an internal effort to promote a security culture as the company approaches its upcoming acquisition by Verizon.
But the executive-level concern over security may be seen as too little, too late by a Senate committee that is questioning Yahoo on its reaction to the breaches. Data from over 1 billion accounts was stolen from Yahoo in 2013, data from 500 million accounts was stolen in 2014, and attackers used forged cookies to access user accounts without a password in 2015 and 2016.
Senators John Thune and Jerry Moran sent Yahoo a stern letter earlier this month demanding answers about the company’s response to the breaches after Yahoo canceled a scheduled briefing with staff from the Senate Committee on Commerce, Science and Transportation. The committee sought information about “the nature of the incident, those affected, and steps the company had taken to identify and mitigate consumer harm, beyond what was already known publicly.” Yahoo has finally responded with a handful of new details about the massive security incidents.
Continue reading at TechCrunch.com....
Call me at
• Independent Life & Health Insurance Agent
• LegalShield & IDSheld Independent Associate & Director