On April 24, 2018, the SEC announced that Altaba Inc., f/k/a Yahoo, would pay $35 million for misleading investors by waiting nearly two years to acknowledge a computer breach. This is the first such penalty levied against a publicly traded company for failing to disclose a cyberattack. The SEC claims that Yahoo officials learned of the breach days after it happened in December 2014 but failed to disclose to investors that Russian hackers had broken into its database until September 2016. For more information, see our Jones Day Commentary.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.