Yahoo's Mayer points to Russians in data-breach apology

Adjust Comment Print

Yahoo!'s former CEO Marissa Mayer testified before congress Wednesday about a security breach that happened in August 2013.

Yahoo and Equifax are going to need a lot of sorry cards.

John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, today convened a hearing titled, "Protecting Consumers in the Era of Major Data Breaches".

Equifax, a credit-monitoring agency, lost 145 million Americans' social security numbers and personal information, a data breach that will affect more than half the USA population for generations.

In the case of Equifax, they also questioned the firm's collection of financial data without permission of the individual involved.

"When you think of a sophisticated state actor, China or Russian Federation, your companies can't stand up against them", said Florida's Senator Bill Nelson. But- despite prodding from senators -Equifax CEO Paulino do Rego Barros Jr. did not agree to stop use of controversial artibration agreements, nor did he commit Equifax to doing personalized outreach, free credit monitoring, or extended benefits to veterans. Verizon bought Yahoo in June, with the data theft shedding $350 million off the deal.

The US has accused state-sponsored Russian hackers of being behind one of the Yahoo attacks, involvement the Kremlin denies.

Massive World of Warcraft Diorama At BlizzCon Sets World Record
Humans war without having to buy a new expansion will be happy to know that Blizzard is working on its own vanilla server. Titled " Battle for Azeroth ", this new expansion aims to reignite age-old tensions between the Horde and the Alliance.

"As CEO, these thefts occurred during my tenure, and I want to sincerely apologize to each and every one of our users", she told the Senate Commerce Committee, testifying alongside the interim and former CEOs of Equifax Inc and a senior Verizon Communications Inc executive. Mayer said it's still unclear who is behind the 2013 hack.

Mayer apologized for both breaches and said that its hard for companies to fight against state-sponsored attackers who "tend to be more sophisticated, more persistent and who attack more targets.They're very good at hiding their tracks", she said.

"Apologize deeply to American public for breach that we had", added former Equifax CEO Richard Smith. He said that app is in development and may release in January.

Yahoo required users to change passwords and took new steps to make data more secure, Mayer said.

Mayer said Yahoo successfully defended itself against a barrage of state-sponsored and private hacks over the years and even employed hackers to test the company's defenses. Smith said Equifax decided not to encrypt its massive database of sensitive data because it felt its firewalls and layers of security were enough.

Yahoo initially revealed its breach past year, later lowering the price for its main web properties for a sale to Verizon Communications Inc. The company's website received 420 million visits, but only 30 million people have actually used it.

"Under current law, even some of the most egregious examples of lax security can be met only with apologies and promises to do better next time, not fines or other penalties or real deterrents", Sen.