Reports have emerged in the local media in the U.S. that officials are planning to issue indictments in the Yahoo security breach case with arrests happening as early as Tuesday.
A report by Bloomberg cites a person aware of the matter who revealed that at least four people could be indicted with one of them being in Canada while the other three being in Russia. The Canadian could face arrest as early as Tuesday. The person, who didn’t want to be identified because of the sensitivity of the matter, said that the Department of Justice could accuse four people of participating in the Yahoo security breaches that compromised hundreds of millions of user accounts.
Yahoo has faced two high-profile security breaches in recent years with each of the attacks leading to theft of data of millions of its users. The security breach even cast a shadow on its acquisition by Verizon with the latter demanding a reconsideration of the price. Ultimately the price was trimmed to $4.48 billion.
According to Yahoo, it first faced a massive attack in December 2013 when cyber criminals made away with information including users’ email addresses, scrambled account passwords and dates of birth of millions of users. The announcement followed news in September of a 2014 Yahoo breach that affected about 500 million customer accounts.
Yahoo has said in an official filing that it hasn’t been able to identify the intrusion associated with the 2013 breach, but maintains that the 2014 breach was a “state-sponsored” attack.
The security breaches at Yahoo saw massive management shocks with General Counsel Ronald Bell announcing his resignation while Chief Executive Officer Marissa Mayer bring stripped off of her cash bonus last year amid the investigations. A committee found no intent to suppress information about the hacks, but said key executives should have done more when the issues was discovered.
Yahoo has also revealed that the security breaches has cost it millions of dollars in the form of legal and investigative costs. Yahoo says it continues to work with a number of agencies across the US with respect to the security breaches including the U.S. Securities and Exchange Commission, Federal Trade Commission, the Manhattan U.S. Attorney’s Office, and two state attorneys general on related inquiries.