U.S. authorities are investigating whether Yahoo Inc.’s two massive data breaches should have been reported sooner to investors, according to people familiar with the matter, in what could prove to be a major test in defining when a company is required to disclose a hack. The Securities and Exchange Commission has opened an investigation, and in December issued requests for documents, as it looks into whether the tech company’s disclosures about the cyberattacks complied with civil securities laws, the people said.
- Read the article: The Wall Street Journal