Two prominent senators are upset with Yahoo for the way the company has dealt with two huge data breaches.
South Dakota Senator John Thune and Kansas senator Jerry Moran wrote a letter Friday to Yahoo CEO Marissa Meyer in which the two Republicans scolded Meyer for failing to be more upfront with lawmakers about details relating to the data breaches.
The senators allege in the letter that Yahoo officials have been ducking various lawmakers’ questions about the two hacks, both of which Yahoo disclosed in 2016. In one instance, the senators said that Yahoo backed out in the last minute for a planned congressional staff briefing about the hacks that was slated for Jan. 31.
The “last-minute cancellation” has “prompted concerns about the company’s willingness to deal with Congress with complete candor about these recent events,” according to the letter.
June 5th: The AI Audit in NYC
Join us next week in NYC to engage with top executive leaders, delving into strategies for auditing AI models to ensure fairness, optimal performance, and ethical compliance across diverse organizations. Secure your attendance for this exclusive invite-only event.
In response to the Senator letter, a Yahoo spokesperson told Fortune the company is “in receipt of the letter, reviewing it and will respond as appropriate.”
Some of the questions the senators want Yahoo to answer directly to them include the following:
What are the specific steps have Yahoo taken to identify and mitigate potential consumer harm associated with these incidents?
What steps has Yahoo taken to restore the integrity and enhance the security of its systems in the wake of these incidents?
In January, the Wall Street Journal reported that the U.S. Securities and Exchange Commission is investigating whether Yahoo should have disclosed information pertaining to the data breaches sooner to investors.
Yahoo has previously said in November regulatory filing that it is “cooperating with federal, state, and foreign governmental officials and agencies seeking information and/or documents about the Security Incident and related matters, including the U.S. Federal Trade Commission, the U.S. Securities and Exchange Commission, a number of State Attorneys General, and the U.S. Attorney’s office for the Southern District of New York.”
Yahoo has been dealing with the ramifications of two major data breaches that occurred in 2013 and 2014, but which the company only publicly disclosed in September and December 2016. Roughly 1.5 billion user accounts were compromised by the two hacks.
Although the data breach disclosures have threatened to thwart Verizon’s attempted acquisition of Yahoo for nearly $5 billion, Verizon has “not reached any final conclusions yet” on the deal and is still “working with Yahoo to assess the impact of the breaches,” said Verizon (VZ, -0.88%) CFO Matt Ellis during a January earnings call with analysts.
This story originally appeared on Fortune.com. Copyright 2017
