Users Affected by Yahoo’s Massive Data Breach Will Be Able to Sue, a Judge Has Ruled

James Tennent

Victims of the massive data breaches that exposed 3 billion email accounts will be able to sue Yahoo after a judge ruled that users may have acted differently had the company been more forthcoming about the hacks.

Yahoo’s parent company, Verizon Communications, had attempted to have many claims thrown out, saying that company was the target of “relentless criminal attacks,” Reuters first reported.

U.S. District Court Judge Lucy Koh did not accept Verizon’s reasoning, instead noting the plaintiffs' allegation that had Yahoo “disclosed the security weaknesses,” they would have acted differently toward their data on the site.

Trending: Premier League Transfer News: Arsenal Ready to Oust Star Player, Manchester United Block Move

A breach of 1 billion Yahoo accounts was first disclosed in 2016 as Verizon sought to buy the internet company, a finding that ended up shaving hundreds of millions off the selling price. It was called “one of the most audacious hacks of all time.”

In October 2017, the company then amended the number of affected accounts to 3 billion, suggesting it to be by far the biggest data breach of all time. 


Interim CEO of Equifax Paulino Barros, former CEO of Equifax Richard Smith, former CEO of Yahoo Marissa Mayer and Deputy General Counsel and Chief Privacy Officer for Verizon Communications Karen Zacharia testify during a hearing before the Senate Commerce, Science and Transportation Committee on November 8, 2017, on Capitol Hill in Washington, D.C. A U.S. district judge ruled that victims of the Yahoo data breach will be able to sue the company. Alex Wong/Getty Images

Don't miss: Trump 'Offered Stormy Daniels a Spot on The Apprentice'

The plaintiffs in the case alleged that the hack led to their information being leaked and subsequently used for fraudulent activities. They alleged that Yahoo knew about security vulnerabilities back in 2012 and about a 2014 hack as it occurred.

“Plaintiffs explain that, had they known about the inadequacy of these security measures, they ‘would have taken measures to protect themselves.’” Koh writes, saying that they had sufficiently shown that they would have acted differently had Yahoo disclosed the issues.

A message from Newsweek asking Verizon for comment on the ruling did not receive an immediate reply.

Most popular: John Cena vs The Undertaker at WrestleMania 34? WWE Superstar Calls Out 'Deadman'

Related: Cryptocurrency exchange Binance posts $250,000 reward for hackers’ arrest

In March 2017, the U.S. Justice Department indicted four people in connection with the Yahoo hacks, two of whom were alleged Russian spies. Yahoo had previously said that “state-sponsored actors” were behind the breaches.

“Silicon Valley’s computer infrastructure provides the means by which people around the world communicate with each other in their business and personal lives,” U.S. Attorney for the Northern District of California Brian Stretch said at the time, “The privacy and security of those communications must be governed by the rule of law, not by the whim of criminal hackers and those who employ them. People rightly expect that their communications through Silicon Valley internet providers will remain private, unless lawful authority provides otherwise.”

This article was first written by Newsweek

More from Newsweek

By using Yahoo you agree that Yahoo and partners may use Cookies for personalisation and other purposes