Yahoo to pay out £39 million after massive data breach

Affected users will get free credit monitoring service as well

Yahoo will pay out $50 million (39 million) in damages and offer free credit monitoring services to millions of its users after a data breach in 2013 led to around three billion accounts being compromised by hackers.

According to reports by Associated Press, the money will go to 200 million people affected by the hack. The company agreed to the compensation as part of a court settlement awaiting federal judge approval.

The attack in 2013, thought to be state-sponsored, stole personal details such as names, email addresses, dates of birth, phone numbers and hashed passwords. Yahoo stated that passwords, credit card numbers and bank account information were not stolen in the attack. The breach was not disclosed until 2016.

Yahoo revealed the problem after its sold its business to Verizon Communication. The price was later discounted by $350 million to reflect the problems caused by the breach to reputation.

The settlement will see Verizon paying half the costs with the other half picked up by Altaba Inc., a company set up to hold Yahoo's investments in Asian companies and other assets after the sale. In addition to this, Yahoo will pay $35 million on case-related lawyer fees and offer US users credit monitoring services for two years.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Claims for a part of the compensation fund can be submitted by an eligible Yahoo account user who suffered losses as a result of the breach. Account holders will be compensated at $25 per hour for time spent dealing with problems caused by the breach.

The report said that people with documented losses can ask for up to 15 hours of lost time, or $375.

Premium Yahoo account users who paid up to $50 per year for an email account will be eligible for a 25% refund.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020