Two Republican senators are demanding more answers from Yahoo Chief Executive Marissa Mayer about its massive data breaches that were uncovered last year.
In a letter addressed to Mayer, Sen. John Thune (R., S.D.), chairman of the Senate Commerce Committee, and Sen. Jerry Moran (R., Kan.), chairman of the panel’s consumer protection and data security subcommittee, rebuked Yahoo for not providing enough information to lawmakers on the matter.
The senators said Yahoo’s last-minute cancellation of a congressional staff briefing that was scheduled for 31 January meeting has prompted concerns about the company’s willingness to deal with Congress with complete candor about these recent events.
Last September, Yahoo disclosed a 2014 data breach that resulted in stolen information associated with at least 500 million user accounts.
It was the largest known commercial data breach until the company unveiled in December that in 2013 hackers stole information linked to more than 1 billion accounts.
The senators said: “Despite several inquiries by committee staff seeking information about the security of Yahoo! user accounts, company officials have thus far been unable to provide answers to many basic questions about the reported breaches,”
“Yahoo! has not attempted to supplement its answers to the Committee as new information has become available, despite committing to do so,” they added.
Thune and Moran sent five questions to Mayer, including queries over how many users were affected by the data breaches and if it included sensitive personal information.
The senators requested a detailed timeline of the incidents, information on when Yahoo sent notifications to law enforcement agencies and what steps the company took to identify and mitigate potential consumer harm associated with the data breaches.
Yahoo has been allowed to send its responses by no later than 23 February.
Citing a Yahoo spokeswoman’s email, the Wall Street Journal reported that the company was reviewing the letter and would respond as appropriate.
