[Cryptography] Yahoo is sued for gross negligence over huge hacking
Kevin W. Wall
kevin.w.wall at gmail.com
Sat Sep 24 17:56:40 EDT 2016
On Sat, Sep 24, 2016 at 7:22 AM, Georgi Guninski <guninski at guninski.com> wrote:
> Yahoo is sued for gross negligence over huge hacking
>
> http://www.reuters.com/article/us-yahoo-cyber-lawsuit-idUSKCN11T2LF
> ====
> Yahoo Inc (YHOO.O) was sued on Friday by a user who accused it of gross negligence over a massive 2014 hacking in which information was stolen from at least 500 million accounts.
> ...
> Ronald Schwartz, a New York resident, sued on behalf of all Yahoo users in the United States whose personal information was compromised. The lawsuit seeks class-action status and unspecified damages.
> ====
>
> Pretty sure Yahoo have disclaimer they are "gross negligent", so the
> suing is doomed, unless the morons failed to make such disclaimer.
Perhaps not; my attorney told me (maybe about 5 years ago or so) that
in the state of
Ohio at least, you cannot "waive tort", especially in the case of
negligence. I suspect that
there are similar statutes in other states as well. However, IANAL so things may
have changed in since I last spoke with him or this case could be nuanced enough
that proving negligence is difficult, although since this is a civil
case, it would seem as though
that it may not be that hard to show a "preponderance of evidence",
especially since
this breach purportedly happened back in 2014.
I think Yahoo's bigger problem is what is this going to do with their
pending acquisition plans
by Verizon? It wouldn't surprise me if Verizon backs out of the deal
because of this. I suspect
the SEC and others will also be knocking on their door, asking who
knew what and when.
-kevin
More information about the cryptography
mailing list