Home Sen. Warner calls on SEC to investigate disclosure of Yahoo breach
Local

Sen. Warner calls on SEC to investigate disclosure of Yahoo breach

Contributors

mark warnerU.S. Sen. Mark R. Warner (D-VA), a member of the Senate Intelligence and Banking Committees and cofounder of the bipartisan Senate Cybersecurity Caucus, sent a letter to the U.S. Securities and Exchange Commission calling on the agency to investigate whether Yahoo, Inc. fulfilled its obligations under federal securities laws to keep the public and investors informed about the nature of a security breach that has affected more than 500 million accounts.

“Data security increasingly represents an issue of vital importance to management, customers, and shareholders, with major corporate liability, business continuity, and governance implications,” wrote Sen. Warner, a former technology executive. “Yahoo’s September filing asserting lack of knowledge of security incidents involving its IT systems creates serious concerns about truthfulness in representations to the public.  The public ought to know what senior executives at Yahoo knew of the breach, and when they knew it.”

While Yahoo announced last week that it suffered a major breach in 2014, press reports seem to indicate the company may have been aware of the hack as early as July of this year. Under federal law, public companies are required to disclose material events to shareholders within four business days.

“I encourage you to investigate whether Yahoo and its senior executives fulfilled their obligations to keep investors and the public informed, and whether the company made complete and accurate representations about the security of its IT systems. Additionally, since published reports indicate fewer than 100 of approximately 9,000 publicly listed companies have reported a material data breach since 2010, I encourage you to evaluate the adequacy of current SEC thresholds for disclosing events of this nature,” added Sen. Warner.

Sen. Warner has been a leader in calling for better consumer protections from data theft. In the aftermath of the Target breach that exposed the debit and credit card information of 40 million customers, Sen. Warner in 2014 chaired the first congressional hearing on protecting consumer data from the threat posed by hackers targeting retailers’ online systems. Sen. Warner also partnered with the National Retail Federation to establish an information sharing platform that allows the industry to better protect consumer financial information from data breaches.

Sen. Warner currently is working on bipartisan legislation to create a comprehensive, nationwide and uniform data breach standard requiring timely consumer notification for breaches of financial data and other sensitive information.

Contributors

Contributors

Have a guest column, letter to the editor, story idea or a news tip? Email editor Chris Graham at [email protected]. Subscribe to AFP podcasts on Apple PodcastsSpotifyPandora and YouTube.