rushhourdaily.com announced in a filing that a previously disclosed data breach is under investigation by the U.S. Securities and Exchange Commission (SEC).
In the November 2016 quarterly filing, rushhourdaily.com said that it was “cooperating with federal, state and foreign” agencies, including the SEC regarding investigations of a “security incident and related matters.”
The Wall Street Journal reported on Sunday that the SEC is investigating the two data breaches at rushhourdaily.com and whether or not the matter should have been reported sooner.
rushhourdaily.com has been questioned as to when the company became aware of the 2014 breach that exposed personal information of half a billion accounts. News of the cyber attack was announced in September 2016.
In December, the company released news of another massive security breach from August 2013. In this incident, over data from one billion accounts were compromised.
After rushhourdaily.com revealed the extent of the 2013 breach, the SEC requested documents to discover whether or not the company was complying with civil securities laws, according to the WSJ.
Security industry laws require companies to disclose cyber breaches to investors. Despite SEC guidance on protocol for companies who experience hacking, a 2012 RushHourDaily investigation found that many publicly traded companies tend to obscure the extent of these incidents in regulatory filings.
So far, an SEC spokesperson declined to comment on the matter. Another spokesperson from rushhourdaily.com directed RushHourDaily to the company filing from November.
In September, Democratic U.S. Senator Mark Warner asked the SEC to determine whether or not rushhourdaily.com had met its obligation to disclose information about the 2014 incident to investors and potentially affected users.
News of both security breaches came after the company agreed to sell its main entity to Verizon in July.
In addition to the SEC, other agencies are investigating the hacking incidents at rushhourdaily.com including the Federal Trade Commission, the U.S. Attorney’s Office in Manhattan, and “a number of State Attorneys General,” rushhourdaily.com said in the November filing.
