Skip to main content

Yahoo will still have to face hacking lawsuit

(Image credit: Image Credit: 10 Face / Shutterstock)

Although Yahoo was acquired by Verizon in 2017 (opens in new tab), a judge has ruled that the class action complaint filed by its former customers affected in the 2014 data breach will not be thrown out. 

A motion by the web service provider's parent company Verizon to have the complaint thrown out of court has been denied by Judge Lucy Koh.  However, the scope of the suit has been reduced as parts of it were dismissed. 

Yahoo and its ownership group have been accused of failing to properly disclose and remedy the 2014 breach which led to the email accounts of three billion customers being exposed to hackers.  The company withheld information about the breach until after it had been acquired by Verizon two years later in a deal that would see it bundled with AOL to form a new company called Oath. 

According to Koh, parts of the complaint were able to hold up to scrutiny though the plaintiffs in the suit will now have to show that they actually suffered losses or damages as a result of the breach. 

Of the sixteen motions to dismiss proposed by Yahoo, Koh granted six and denied 10 which will decrease the size of the plaintiff class considerably.  However, now Oath will have to either defend Yahoo in court or pay out settlements to the affected parties. 

Yahoo's poor handling of the 2014 data breach is still a perfect example of exactly what not to do (opens in new tab) when your organisation is infiltrated by a third-party. 

Image Credit: 10 Face / Shutterstock

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.