Yahoo was fined Tuesday by British regulators over the colossal 2014 data breach that compromised the personal information of roughly 500 million user accounts.
The U.K. Information Commissioner’s Office (ICO) has fined Yahoo’s British subsidiary £250,000 (about $334,000) over the historic data breach, citing “systemic failures” on the internet company’s part.
“People expect that organisations will keep their personal data safe from malicious intruders who seek to exploit it,” said James Dipple-Johnstone, ICO deputy commission of operations. “The failings our investigation identified are not what we expect from a company that had ample opportunity to implement appropriate measures, and potentially stop U.K. citizens’ data being compromised,” he said in a statement.
Yahoo’s parent company, Oath, does not comment on regulatory action, a representative told The Washington Times.
Data regulators began investigating Yahoo after the Silicon Valley company revealed in September 2016 that information pertaining to roughly half-a-billion user accounts had been compromised two years earlier, including associated names, email addresses, telephone numbers, birthdates and unencrypted security questions and answers.
British investigators ultimately determined that the breach violated a provision of the U.K. Data Protection Act 1998 that requires that companies take appropriate technical and organizational measures to protect user data.
A total of over 500,000 U.K. accounts were affected by the breach, British investigators concluded.
Yahoo faced a maximum penalty of £500,000 for violating the act, the ICO said in a statement.
Russian state-sponsored hackers were behind the Yahoo 2014 breach, according to the U.S. Department of Justice. Karim Baratov, a Canadian “hacker for hire” charged with using the stolen data to help Russian spies, was sentenced last month to five years behind bars for his involvement in the conspiracy.
Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.
Source : https://www.washingtontimes.com/news/2018/jun/12/yahoo-fined-british-data-regulators-over-2014-brea/406