Yahoo Inc Sued — Accused of gross negligence over massive 2014 hacking of 500 million accounts’ Personal Information

By Jonathan Stempel

(Reuters) – Yahoo Inc was sued on Friday by a user who accused it of gross negligence over a massive 2014 hacking in which information was stolen from at least 500 million accounts.

The lawsuit was filed in the federal court in San Jose, California, one day after Yahoo disclosed the hacking, unprecedented in size, by what it believed was a “state-sponsored actor.”

Ronald Schwartz, a New York resident, sued on behalf of all Yahoo users in the United States whose personal information was compromised. The lawsuit seeks class-action status and unspecified damages.

A Yahoo spokeswoman said the Sunnyvale, California-based company does not discuss pending litigation.

The attack could complicate Chief Executive Marissa Mayer’s effort to shore up the website’s flagging fortunes, two months after she agreed to a $4.8 billion sale of Yahoo’s Internet business to Verizon Communications Inc .

Yahoo on Thursday said user information including names, email addresses, phone numbers, birth dates and encrypted passwords had been compromised in late 2014.

But the lawsuit suggested that the breach might have been warded off had Yahoo, having been targeted by hackers before, lived up to its promise of taking user privacy “seriously” and bulked up its security measures.

It also faulted Yahoo for taking roughly three times longer than organizations typically need to uncover the breach.

© AFP | Cryptologist Bruce Schneier called the Yahoo hack the ‘biggest data breach ever’

Yahoo demonstrated “reckless disregard for the security of its users’ personal information that it promised to protect,” according to the complaint.

Schwartz is represented by two large U.S. class-action specialists, the law firms Robbins Geller Rudman & Dowd and Labaton Sucharow.

The case is Schwartz v Yahoo Inc, U.S. District Court, Northern District of California, No. 16-05456.

(Reporting by Jonathan Stempel in New York; Editing by Chris Reese and Alan Crosby)


In 2012, Yahoo had more than 1 billion user accounts in its databases. User passwords were protected via a cryptographic algorithm called MD5, which can be cracked using the latest password-breaking techniques, said a source familiar with the situation.

The company in 2012 dealt with a data breach that allowed a hacker group to download 453,000 unencrypted usernames and passwords.

Last year, Yahoo launched a program to detect and notify users when it strongly suspects that a state-sponsored actor has targeted an account. Not including the current investigation, roughly 10,000 users have been notified.

, , , , , , , , , , , ,, , ,, , , , , , , ,

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

One Response to “Yahoo Inc Sued — Accused of gross negligence over massive 2014 hacking of 500 million accounts’ Personal Information”

  1. daveyone1 Says:

    Reblogged this on World Peace Forum.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: