
Yahoo CEO Mayer knew about data breach in July: Report

Yahoo CEO Marissa Mayer has known that Yahoo was investigating a serious data breach since July, but withheld the information from investors, regulators and acquirer Verizon until this week, according to Financial Times reporters.

"Marissa was aware absolutely — she was aware and involved when Peace surfaced this allegation in July," the FT reports, citing a person briefed on Yahoo's internal discussions.

"[She] was part of the investigation and conversation from the very beginning and along with the team every step of the evidentiary gathering and analysis process. In fact, the key executive team has been engaged from the very beginning."

If that allegation proves to be true, Yahoo could find itself drawing the attention of the SEC, experts told the FT.

Chatter about the breach started bubbling up on the dark web in late July and early August, with people asking for anyone who had purchased the database to share it with them, Alex Heid, chief research officer at cybersecurity firm Security Scorecard, told CNBC. Cybersecurity researchers are not always required to report such findings to the victims or law enforcement, but often do so.

On Thursday, Yahoo's confirmation of a 2014 breach resulting in the theft of more than 500 million user accounts — the largest hack in history — left a lot of questions unanswered. Yahoo has yet to formally acknowledge when it learned of the breach, which remains the biggest unanswered question to industry insiders.

"This is an important detail in the story," Jeremiah Grossman, a former Yahoo infosecurity officer, now at SentinelOne, told CNBC in an email.

"Additionally, there are questions to be answered around Yahoo's claim that this was a state-sponsored hacker," he said.

State-sponsored hackers do not typically publicly share stolen data or sell it, as the hacker who has claimed responsibility for the breach has been doing, raising the possibility that we are looking at two different Yahoo breaches with two different hacking groups in their system, he said.


Yahoo issued this statement: "As we disclosed yesterday, a recent investigation by Yahoo has confirmed that a copy of certain user account information was stolen from our systems in late 2014 by what we believe is a state-sponsored actor. Our investigation into this matter is ongoing and the issues are complex. Some things, however, are clear: Yahoo has never had reason to believe there is any connection between the security issue disclosed yesterday and the claims publicized by a hacker in August 2016. Conflating the two events is inaccurate."