An SEC filing by Yahoo! on Thursday reveals the company was aware of attempts to breach its systems long before the hack of 500 million accounts announced in September, which may affect the price the company can sell itself to Verizon for. Above, Marissa Mayer, CEO, President and Director of Yahoo!, listens to David Karp, CEO of Tumblr, during her key note address at the 2014 International CES in Las Vegas. File photo by Molly Riley/UPI | License Photo
WASHINGTON, Nov. 11 (UPI) -- In September, weeks after announcing a merger with Verizon, Yahoo! announced it had just discovered a massive security breach. It turns out, however, the company was aware of an intruder to its systems, which may throw a wrench into the Verizon deal.
Yahoo! said in a Securities and Exchange Commission filing Thursday that some employees were aware of a breach in early 2014 by a "state-sponsored actor" and has launched an investigation to find out how many people who knew.
The company acknowledged a breach that compromised data for 500 million accounts in September, but the revelation that it was aware of the risk of a hack or the hack itself far earlier that it admitted could cause it some problems.
In response to the disclosures -- the hack itself was not revealed until after Verizon and Yahoo! closed the $4.8 billion deal -- Verizon is reportedly asking for a $1 billion discount on the price it originally agreed to.
"In late July 2016, a hacker claimed to have obtained certain Yahoo user data," the company said in the filing. "After investigating this claim with the assistance of an outside forensic expert, the Company could not substantiate the hacker's claim. Following this investigation, the Company intensified an ongoing broader review of the Company's network and data security, including a review of prior access to the Company's network by a state-sponsored actor that the Company had identified in late 2014."
Although Verizon's legal team and at least one executive has said the company expected the data breach would have a "material" impact on the company's purchase of Yahoo! -- specifically that the price would go down -- but that it would not kill the deal.
Jeremiah Grossman, a former Yahoo! employee and chief of security at the company SentinelOne, said the security breach is cause for concern but he does not think it will derail Verizon's acquisition of the internet services company.
"For publicly traded companies, it's far less risky, liability wise, to overstate risks than under report," Grossman told NBC News. "My thoughts: The acquisition will still go through. I don't recall any active acquisition ever that was scrapped due to a breach or any computer security concerns."