half a billion users at risk in a state-sponsored attack.
The fine comes after a 2014 cyber attack which left the details of millions of Yahoo account holders at risk. While there were 8 million UK Yahoo account holders, around 500,000 Brits were affected by the hack, while Sky email customers, which used Yahoo technology, were also affected.
The Information Commissioners Office, which issued the fine to Yahoo! UK Services Ltd, now part of US telecoms giant Verizon, said the company “failed to take appropriate technical and organisational measures to protect the data”.
earlier in May, shortly before a crackdown on European data rules as part of the new General Data Protection Regulation. Under the new laws, companies that suffer data breaches could be liable for fines of up to 20m, or 4pc of global turnover.
Yahoo blamed Russian hackers for the attack and last year the US government prosecuted two spies allegedly involved in the cyber attack.
“People expect that organisations will keep their personal data safe from malicious intruders who seek to exploit it,” said ICO deputy operations commissioner James Dipple-Johnstone. “The failings our investigation identified are not what we expect from a company that had ample opportunity to implement appropriate measures, and potentially stop UK citizens’ data being compromised.”
While the ICO was limited in the fine it could mete out to Yahoo by previous data laws, the £250,000 pales in comparison to the massive $35m fine that US Securities Exchange Commission issued to Altaba, a holding company that has sold the Yahoo business but which maintains liability.
500 million Yahoo users were stolen by hackers in one of the biggest known data breaches ever. Personal information including names, email addresses, telephone numbers, birth dates, encrypted passwords and even security questions were all stolen.
$350m off Verizon’s multi-billion dollar deal.
Published at Tue, 12 Jun 2018 12:53:33 +0000