Yahoo will be sued over the mega breach that was revealed last week. A resident of New York, Ronald Schwartz, filed the suit on Friday in a California court represented by law firms Robbins Geller Rudman as well as Dowd and Labaton Sucharow. The suit states that if only Yahoo had been more serious about user privacy, then millions of the company’s customers’ personal data would not been exposed. Instead, the claimants state, the company showed “reckless disregard for the security of its users’ personal information”. The lawsuit says that Yahoo took three times as long as it should have to uncover the breach, which was initially performed in 2014. As regulations are so often arcane and hard to follow, could civil litigation be a route to not only fair recompense for the victims of a breach, but a strict corrective to those who should have been better prepared? This may “lead to more than just companies re-thinking their security strategy,” Amit Ashbel, cyber-security evangelist at Checkmarx told SC. “It will probably also create an industry demand for clear regulations and standards to not necessarily prevent such attacks but rather protect organisations from further legal actions following a breach.” Read more on SC Magazine here.