Published: Thu, November 09, 2017
Markets | By Rosalie Gross

Congress tackles data breaches

Congress tackles data breaches

Former Yahoo Chief Executive Marissa Mayer and ousted Equifax CEO Richard Sherman appeared before Congress on Wednesday, offering explanations and apologies for how billions of user accounts and identities were disseminated through hacks at their companies.

The 42-year-old, who testified before the Senate Commerce Committee on Capitol Hill in Washington on Wednesday, said the thefts occurred during her almost five-year tenure and she wants to 'sincerely apologize to each and every one of our users'. Also testifying will be a witness with expertise on protecting financial data.

It disclosed in October that a 2013 Yahoo data breach affected all 3 billion of its accounts, compared with an estimate of over 1 billion disclosed in December.

While testifying, the 42-year-old said she wants to "sincerely apologize to each and every one of our users.' She said that the company defended itself against a barrage of state-sponsored and private hacks over the years". "It's going to take an attitude change among companies such as yours that we've got to go to extreme limits to protect our customers' privacy". Thune also pressed Equifax's former CEO Richard Smith and interim CEO Paulino Barros on Equifax's known security vulnerabilities that led to its recent data breach and how the company is now addressing these issues.

The digital diva - who left the helm of Yahoo earlier this year after it was acquired by Verizon - was forced to testify with a subpoena after she refused several requests to testify voluntarily, according to a Tuesday report.

More news: Here's how to add a virtual home button to your iPhone X

Mayer told the committee that Yahoo learned of a state-sponsored attack on its system in late 2014, and promptly reported it to law enforcement and notified users who were impacted by the hack.

In March, federal prosecutors charged two Russian intelligence agents and two hackers with masterminding the 2014 theft of 500 million Yahoo accounts, the first time the USA government has criminally charged Russian spies for cyber crimes. So far, no nation-state connection to the much larger 2013 breach has been revealed.

Senators questioning the CEOs were not optimistic about future security breaches.

During her tenure as CEO, she said, Yahoo roughly doubled its internal security staff and made significant investments in its leadership and team. Indeed, the former CEO said, much of the facts behind the breaches remain shrouded in mystery.

"We verified that it came from Yahoo, but we don't exactly understand how the act was perpetrated", she told the committee.

Like this: