Yahoo Data Breach Lawsuit

Yahoo Data Breach Lawsuit Hero Image

Our attorneys at Morgan & Morgan have filed the biggest class action of all-time against online platform Yahoo over a series of data breaches that ultimately leaked data such as the usernames, passwords, email addresses, and phone numbers of all three billion of the company’s users.

Our firm and our class action attorney John Yanchunis were named Lead Plaintiffs’ Counsel in the class action against Yahoo. They’ll use this position to help obtain justice for the people who relied on Yahoo to protect their information, but whose trust was shattered.

If you’ve suffered financial losses because of a Yahoo data breach, contact us for a free, no-risk case evaluation. Our attorneys are here to help you.

The Story Behind the Yahoo Data Breach Fiasco

Worldwide, the Verizon-owned Yahoo has three billion account holders who use the company’s various web services, such as email, news offerings, web portal, and forums.

The problem is that for years those users’ personal information was exposed without anyone telling them — even, perhaps, without Yahoo realizing the company had been hacked. The pioneering internet company, founded in 1994, encountered data breaches in 2013 and 2014 that it did not report until late 2016 and early 2017.

If you’re a Yahoo user, that means you were likely one of the affected parties.

The announcements about the data breaches started coming in late 2016.

In September of that year, Yahoo announced that hackers stole 500 million users’ data in 2014. The information included names, email addresses, dates of birth, phone numbers, and passwords. In other words, it was enough data to put people at risk of a form of identity theft.

The shocking news had a sequel when a few months later the company announced that a full one billion users’ information was stolen in August 2013. Experts anticipated the Yahoo data breaches could lead to further hacking, considering the depth and breadth of the data leak.

After that second announcement, Morgan & Morgan attorneys filed a negligence lawsuit against Yahoo for both failing to protect consumer data and failing to inform them of the breaches. In February 2017, Morgan & Morgan gained the lead counsel spot.

But the story wasn’t over. In October 2017 Yahoo announced that every single one of its users’ accounts was exposed in the 2013 hack — three billion in all.

How Much Will Yahoo Have to Pay Users for the Data Breaches?

Our attorney Mr. Yanchunis highlighted the unbelievable situation surrounding the Yahoo data breaches.

“It’s inconceivable that Yahoo either failed to detect the breach for two years, or it knew of the breach in 2014 and intentionally disregarded the privacy interests of consumers and breach notification laws by failing to inform consumers of the breach for two years,” he said.

Most states, such as California, where our class action was filed, have laws requiring companies to inform consumers of data breaches within 30 days of the breaches’ discovery.

“It’s inconceivable that Yahoo either failed to detect the breach for two years, or it knew… and intentionally disregarded the privacy interests of consumers and breach notification laws…”

Mr. Yanchunis said at a press conference that the lawsuit will seek stronger cybersecurity measures from Yahoo “to make sure that this never happens again.”

The lawsuit seeks damages for those who suffered financially as a result of the breach. Mr. Yanchunis said it is too early to determine how much the damages could be, but estimated it could be in the hundreds of millions of dollars.

How to Protect Yourself from Data Breaches

Although the Yahoo hacks didn’t include key financial information like social security numbers or bank account information — which happened with the recent Equifax breach — that doesn’t mean the hack won’t cause problems for people.

One thing a hacker could do is use your email address and/or phone number to change your passwords for any accounts you have tied to that email address or phone number, thereby locking you out. This could expose you to real financial losses.

It’s important that you change your password for your Yahoo account — make sure it’s something entirely different than the one exposed in the breach. If you use that same, affected password for any other accounts, change those passwords, too.

In general, it’s good to use a unique, strong password for each account you have. Some password management tools exist that make it easy for you to maintain dozens of strong passwords without forgetting them or having to write them down.

It’s also good to set up “multi-factor,” sometimes called “two-factor,” logins. In addition to a password, this method also requires an additional layer of security, such as entering in a PIN or code messaged to your phone.

What Should I Do If the Hack Affected Me?

If you suffered financial losses because of the Yahoo data breach, our attorneys would like to hear from you.

Fill out our free, no-risk case evaluation to learn if you’re eligible to participate in a class action lawsuit today. You could be eligible for compensation for losses suffered from the Yahoo data breach.