Dive Brief:
- Six senators penned a letter to Yahoo CEO Marissa Mayer on Tuesday asking her to provide more data on the massive hack disclosed last week that compromised at least 500 million accounts.
- In addition to Patrick Leahy, D-VT, the letter was signed by Senators Al Franken, D-MN, Elizabeth Warren, D-MA, Richard Blumenthal, D-CT, Ron Wyden, D-OR, and Edward J. Markey, D-MA.
- The senators want Mayer to report how the hack went unnoticed for two years, and when law enforcement and users were notified. The lawmakers also want to know what Yahoo is doing to prevent future hacks.
Dive Insight:
Leahy has been increasingly concerned with the impacts cybersecurity shortcomings have on consumers. Last year, he introduced Consumer Privacy Protection Act, which would require companies to work to defend against cyberattacks and prevent data breaches. Part of the proposed legislation includes notifying customers in the event a data breach occurs.
But the size of breach and the amount of time it went unnoticed is what has particularly attracted the Senators' attention.
"We are even more disturbed that user information was first compromised in 2014, yet the company only announced the breach last week. That means millions of Americans’ data may have been compromised for two years. This is unacceptable," the letter states.
The senators stressed that such breaches compromise the trust consumers place in businesses when they share personal data with them. Enforcing accountability for cyber attacks that affect consumers’ personal information is a growing focus for the federal government and some state governments like New York.
Some breaches are even drawing penalties to help increase corporate accountability. Earlier this week, New York Attorney General Eric Schneiderman announced Trump International Hotels Management LLC will pay New York state $50,000 over data breaches that occurred in May 2015.