SAN FRANCISCO — Internet portal and search firm Yahoo may confirm this week a massive data breach that exposed information about tens of millions of its users, according to the technology news website Recode.
The confirmation would follow a Yahoo investigation into claims that surfaced in early August that a hacker using the name “Peace” was trying to sell the usernames, passwords and dates of birth of Yahoo account users on the dark web a black market of thousands of secret websites.
A Yahoo representative was not immediately available to comment on the report.
The breach may affect up to 200 million user accounts, Recode reported.
Word of the breach is not surprising given the hacker chatter surrounding the company, said Alex Heid, chief research officer at SecurityScorecard, real-time cybersecurity rating and risk monitoring platform..
There have been numerous underground conversations surrounding the tech giant since late June, he said.
The expected confirmation also comes as Yahoo looks to complete its $4.8. billion sale of its core Internet business to media giant Verizon Communications.
Should it prove to be so, and given the unsettled nature of Yahoo’s ownership just now, “regulators should be concerned with who will take responsibility for the response to this compromise.
It can be easy for the ‘right thing to do’ to slip through the cracks in a multi-billion dollar transition, said Tim Erlin, senior director of IT security and risk strategy at Tripwire, a computer security firm.
Yahoo Chief Executive Officer Marissa Meyer stands to earn as much as $44 million if she leaves the company as part of that deal.