WASHINGTON, November 8, 2017 – Former Yahoo CEO Marissa Mayer appeared before the Senate Commerce Committee and admitted that they have not been able to determine who was behind the massive 2013 data breach.
Every single Yahoo user found their account compromised by the 2013 hack. The company, despite the massive intrusion, only becoming aware of the effect of the hack last December (2016).
Yahoo had 3 billion users at the time, making it the largest breach in the history of the internet.
Mayer was initially hesitant to testify at the hearing, saying in June that she was not the best person to ask about certain disclosures. According to the Wall Street Journal, the committee authorized a subpoena to force Mayer to testify. Mayer eventually voluntarily appeared.
Marissa Mayer apologizes but does not explain
The data stolen included names, phone numbers, passwords, email addresses and encrypted or unencrypted security questions and answers. The Department of Justice and the FBI linked the hack to four individuals including two Russian intelligence officers. Marissa Mayer later apologized for the breaches.
In opening remarks at the Senate hearing Mayer says:
“As CEO, these thefts occurred during my tenure and I want to sincerely apologize to each and every one of our users.” .
Verizon, which acquired Yahoo in June, revealed last month that the breach actually compromised all accounts. Mayer was grilled on why it took so long for Yahoo to disclose the breach and how they underestimated the impact by billions of accounts.
Marissa Mayer and Yahoo are joined by Equifax
Along with Marissa Mayer, Congress grilled current and former CEOs of Equifax. In September, Equifax revealed that hackers had stolen the personal information of over 140 million US consumers from its website. Mayer left Yahoo in June, walking away with nearly $260 million in stock and severance pay.