Yahoo’s EU regulator orders privacy changes over data breach
DUBLIN (Reuters) – Yahoo’s European regulator has ordered it to make privateness adjustments following a probe into what it stated was one of many largest ever knowledge breaches to affect EU residents.
Yahoo, most of whose property have been acquired by Verizon Communications Inc (VZ.N), stated in 2016 that no less than 500 million of its accounts had been hacked two years earlier by cyber thieves who could have stolen names, electronic mail addresses, phone numbers, dates of beginning and encrypted passwords.
Eire’s Knowledge Safety Commissioner (DPC), the lead European regulator on privateness points for Yahoo as a result of the corporate’s European headquarters are in Dublin, stated on Thursday that Yahoo’s knowledge processing operations didn’t meet the requirements required by EU regulation.
The breach affected round 39 million European customers and was the biggest the DPC has each investigated, it stated.
It ordered the web firm to take specified actions, together with making certain that every one its knowledge safety insurance policies take account of the relevant knowledge safety regulation, and are reviewed and up to date at outlined common intervals.
It additionally should replace its knowledge processing contracts and procedures related to such contracts to adjust to knowledge safety regulation.
The DPC, which additionally regulates different on-line giants comparable to Fb (FB.O) and Apple (AAPL.O), was not in a position to tremendous the corporate for the breach. Below a brand new EU-wide knowledge safety regulation that got here into pressure final month, it might probably problem fines of as much as 20 million euros or four p.c of an organization’s world turnover.
Reporting by Padraic Halpin; Enhancing by Alexandra