Full title in original language:
Yahoo’s $35M SEC Settlement: Takeaways from the First Enforcement Action for Failure to Disclose a Data Breach
Education level:
University University (18+ years)Topic / subtopic:
Cybercrime Privacy & personal dataTarget audience:
Students,
Teachers / Lecturers
Type of resource:
Publication / Article
Languages:
English
Region of relevance:
Global
Access:
open access
Individual authors:
Michael S. Dicke, Alexis I. Caloza
Publication year:
2018
Published by:
Fenwick and West LLP
Copyright holder:
© Fenwick and West LLP
Contact name and address:
Fenwick and West LLP
Contact website:
Key themes:
cyber, cybercrime, forensic, investigation, privacy, data, data breach
Links:
Short description:
The U.S. Securities and Exchange Commission announced on April 24, 2018, that Yahoo! — now known as Altaba — agreed to pay a $35 million penalty to settle claims that the company failed to timely disclose a 2014 data breach that compromised hundreds of millions of user accounts. The settlement marks the first time that the SEC has brought an enforcement action alleging that a company’s failure to disclose a breach violated the federal securities laws. The Yahoo action follows on the heels of the SEC’s February 2018 interpretative guidance on public company cybersecurity disclosures, discussed in a previous Fenwick alert, which was widely seen as a further signal that the SEC would be more closely scrutinizing public company responses to cybersecurity incidents.