Something changed in the first month of 2019; shareholders successfully held a company accountable for its data breaches.
Yahoo’s former officers and directors agreed to pay $29 million to settle charges that they breached their fiduciary duties during a string of cyber attacks between 2013 and 2016.
The data of three billion Yahoo user accounts got compromised in the attacks.
According to reports all prior breach-related derivative lawsuits had been dismissed or settled without payment to the shareholders.
A derivative lawsuit is a way that the shareholders — the owners of a company — can hold corporate directors and management accountable for their actions.
The million dollar settlement is a drop in the bucket for a company that has a $38 billion market capitalization. However, as Craig A. Newman, a partner in New York’s Patterson Belknap Webb & Tyler law firm, writes: “(the settlement) signals that director and officer liability for cybersecurity oversight is entering new and potentially perilous territory.”
Any company that thought it had little to fear from its shareholders after a data breach should think twice.
In the meantime, Newman writes, “this is definitely not the time to cut back insurance for officers and directors.”
Read Mr. Newman’s full analysis at nytimes.com.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.