Case Update: On March 5, 2018, Yahoo, Inc. said it will pay $80 million to settle this class action brought by investors who alleged that the company intentionally misled them about its cybersecurity practices in the wake of massive hacks that compromised 1.5 billion users' personal information, despite one of the lead plaintiffs apparently sitting out the deal.
On April 24, 2017 Pomerantz LLP was appointed Co-Lead Counsel in a class action lawsuit filed against Yahoo Inc. ("Yahoo" or the "Company") and certain of its officers. The class action, filed in United States District Court, Northern District of California, and docketed under 17-cv-00373, is on behalf of a class consisting of all persons or entities who purchased or otherwise acquired Yahoo securities between November 12, 2013 and December 14, 2016, both dates inclusive (the "Class Period"), seeking to recover compensable damages caused by defendants' violations of the Securities Exchange Act of 1934.
Yahoo, together with its subsidiaries, is a multinational technology company that provides a variety of internet services, including, inter alia, a web portal, search engine, Yahoo! Mail, Yahoo! News, Yahoo! Finance, advertising, and fantasy sports. As of February 2016, Yahoo had an estimated 1 billion monthly active users, roughly 280 million Yahoo! Mail users, and 205 million monthly unique visitors to its sites and services.
The complaint alleges that throughout the Class Period, Defendants made materially false and/or misleading statements, as well as failed to disclose material adverse facts about the Company's business, operations, and prospects. Specifically, Defendants made false and/or misleading statements and/or failed to disclose that: (i) Yahoo failed to encrypt its users' personal information and/or failed to encrypt its users' personal data with an up-to-date and secure encryption scheme; (ii) consequently, sensitive personal account information from more than 1 billion users was vulnerable to theft; (iii) a data breach resulting in the theft of personal user data would foreseeably cause a significant drop in user engagement with Yahoo's websites and services; and (iv) as a result, Yahoo's public statements were materially false and misleading at all relevant times.
On September 22, 2016, Yahoo disclosed that hackers had stolen information in late 2014 on more than 500 million accounts. Following the breach, Yahoo executives advised investors that the breach was not material, in part because the Company had not required to reset their passwords. On this news, Yahoo's share price fell $1.35, or 3.06%, to close at $42.80 on September 23, 2016.
On December 14, 2016, post-market, Yahoo announced that it had uncovered a data breach, stating that data from more than 1 billion user accounts was compromised in August 2013. Following Yahoo's announcement, several news sources reported that Verizon was considering ways to amend the terms of its deal with Yahoo to reflect the impact of the data breach and would likely seek "major concessions" from Yahoo. On this news, Yahoo's share price fell $2.50, or 6.11%, to close at $38.41 on December 15, 2016.