back to article Yahoo! must! face! the! music! over! data! breaches! judge! rules!

The corporate carcass of Yahoo! must face trial over its notorious data breaches. Late last week in this judgement [PDF], US District Court Judge Lucy Koh (Northern California) said the some of the claims over the company's 2013 and 2014 data breaches could proceed. Verizon shaved US$350 million off what it paid to acquire …

  1. gypsythief
    Coat

    There once was an almighty stink,

    At a Palace that's Purple, (not pink).

    She lost all our data,

    Oh! How we do hate her,

    But now Marissa is off to the clink!

    1. Fred Flintstone Gold badge

      You wish, but your limerick still made a nice start to the week, thanks :)

  2. chivo243 Silver badge

    Now for the Vultures

    Time to pick the bones clean... I hope Verizon put some cash aside in a high yield account when they bought! Yahoo! This won't be pretty, grabbing lots of popcorn...

    1. Anonymous Coward
      WTF?

      Re: Now for the Vultures

      If there's a high yield account out there, I want to know so I can possibly get in on the action myself. Not likely to be let in though. Not enough millions lying around.

    2. Kernel

      Re: Now for the Vultures

      "Time to pick the bones clean... I hope Verizon put some cash aside in a high yield account "

      Verizon is probably not be liable for any damages awarded - they weren't the owner of Yahoo! when the breach happened and I suspect any damages would lie with the original Yahoo! legal entity.

      This may, of course, not have much in the way of assets anymore, so the plaintiffs may well end up with nothing.

  3. J. R. Hartley

    Ya! Who?

  4. adam payne

    "Yahoo! had also tried to contend that the defendants couldn't prove that misuse of their credit cards (for example) was directly tied to the breach, because other breaches take place; the judge wasn't impressed."

    They cant prove it but you Yahoo can't disprove it either. Unless there is a card only used in one place but seriously how many people do that.

    "Judge Koh also noted that if Yahoo! had owned up to the breaches promptly, people would have been able to defend themselves by changing their passwords."

    When the true scope was known they should have put their hands up and stepped into the spotlight.

    1. Anonymous Coward
      Anonymous Coward

      They cant prove it but you Yahoo can't disprove it either. Unless there is a card only used in one place but seriously how many people do that.

      At least one here. I have a card that is only used for my storage bill. Two reasons: it's the one bill that goes through no matter what until I'm dead; should it leak somehow, I know whose gonads to crush.

      1. Shadow Systems

        Re: single retailer CC.

        My mum is a good example of exactly this. She has CC's for Amazon (where the only place she uses it is to pay for her Amazon orders), Target, Walmart, a local fabric store, & various other retailers. If the details linked to any of those cards, each card having slightly different identifiers to make its source apparent, ever gets leaked then she knows *exactly* who leaked it.

        The company can't claim the data came from any other source because it doesn't exist in any other location; the only place that exact data got used was for that specific retailer.

        She does this for tax reasons (it's easier to say which charges are tied to which CC, & each CC is for a different tax purpose) so she knows without having to sift through CC statements which charges apply to which tax catagory. Everything on CC-X is in $Catagory1, on CC-Y is $Catagory2, on CC-Z is $Catagory3, etc. That way she can hand the entire CC statement over as the receipts to prove charges on that catagory.

        The upshot of this is that she can prove that a breach of any one source HAD to come from that source since the details used to use the CC tied to that account were only used for that single source.

        Had Yahoo tried to use this "you can't prove the leak came from us" bullshite, mum could have countered "Wanna bet?" & slapped them with the proof that they were utterly wrong.

        This single retailer single CC tactic isn't an uncommon one. Mum is just one of many in her network of sewing/craft circle that does this for tax reasons. If they run a business that does crafts, they put all the craft charges on a specific CC so they can then use that CC as "a corporate card" tied to that business. Everything charged to that card is now a business expense, written off on their taxes. If the details for that card get leaked, and they only ever use that card at a specific retailer, then that retailer is up shite creek without so much as a life preserver when it comes to the customer proving the retailer as the source/responsible party.

        It's a tactic only made all the easier by every retailer & their dog trying to get a customer to sign up for a branded CC with that retailer. Go ahead & sign up! Use data specific to that retailer, used nowhere else but THAT retailer, & make sure you use it to pay for ONLY things from that retailer. The retailer can then data mine your purchase history all they like, the only data they get is stuff for their own store/products. Since you never use that CC anywhere else they can't cross link it to your buying habits at anywhere else nor anything else. If the data you used with that card ever leaks, you know EXACTLY where that data leaked from & whose nipples to nail to the wall.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like