US senator seeks SEC probe of Yahoo disclosure on hacking
WASHINGTON: Democratic Senator Mark Warner asked the US Securities and Exchange Commission to investigate whether Yahoo and its senior executives fulfilled obligations to inform investors and the public about a hacking attack affecting 500 million user accounts.
“Disclosure is the foundation of federal securities laws, and public companies are required to disclose material events that shareholders should know about,” Warner said in a letter to SEC Chairwoman Mary Jo White.
Yahoo has faced pointed questions about exactly when it knew about the 2014 cyber attack announced last week that exposed the email credentials of half a billion accounts, a critical issue for the company as it seeks to prevent the breach from affecting a pending takeover of its core business by Verizon Inc.
Warner also asked the SEC to probe whether Yahoo has “made complete and accurate representations” about the security of its information technology systems, and for the agency to evaluate its current thresholds for how and when companies need to report a material data breach.
Although the SEC has longstanding guidance on when publicly traded companies should report hacking incidents, companies that have experienced known breaches often omit those details in regulatory filings, according to a 2012 Reuters investigation.
In a Sept 9 regulatory filing with the SEC, Yahoo stated it did not have knowledge of “any incidents of, or third party claims alleging ... unauthorized access” of personal data of its customers that could have a material adverse effect on Verizon’s acquisition. — Reuters