Yahoo, the soon-to-be Verizon owned company, is now facing class-action lawsuits from people who believe that their accounts have been hacked in the massive security breach confirmed just yesterday. They both are accusing the company for failing to secure customer data — putting their financial and personal data at risk — from a state sponsored attack in 2014.
The lawsuit has been filed a New York resident and seeks class-action status on behalf of other Yahoo users whose data/account has been involved in the breach. Similar case have been filed by users in Illinois and San Diego.
As a result of the company’s failure to establish and implement basic data security protocols, contrary to Yahoo’s guarantees, its users’ personal information is now in the hands of criminals and/or enemies of the U.S.,
reads the complaint filed in San Jose federal court on Friday.
The plaintiff Ronald Schwartz has rebuked Yahoo for failing to identify the data breach until a few months ago, when the rumors of the data being sold on the dark web started surfacing on the interwebs. He is asking the court to order Yahoo to compensate users for any damages resulting from fraud and also pay for measures to identify and safeguard compromised accounts.
Yahoo was so grossly negligent in securing its users’ personal information that it says that it did not even discover the incident until the summer of 2016.
Defendant’s misconduct was so bad that it evidently allowed unauthorized and malicious access to plaintiff’s and the class’s personal information on defendant’s computer systems to continue unimpeded for nearly two years
he says in the complaint.
For those unaware, the internet has previously been abuzz with rumors of hundreds of millions of Yahoo accounts on the platform being compromised in 2014, with their login data being sold on the dark web for a meager $1,800. Most people had been contemplating that the rumors were all lies and there was no security breach.
But, Yahoo dropped the ball when it confirmed that the rumors of the breach were in-fact true and information associated with at least 500 million user accounts(what!? seriously!?) was stolen from its network in 2014. The company added that the data stolen may have included names, email addresses, telephone numbers, dates of birth and hashed passwords. And it isn’t too sure about the presence of unprotected passwords, payment card data or bank account information.
Yahoo spokespersons have declined to comment on any ongoing lawsuit or investigations into their company.