The Securities and Exchange Commission is investigating whether Yahoo! should have revealed two significant data hacks sooner to investors, according to the Wall Street Journal.

As the Wall Street Journal reports, SEC officials formally began requesting documents last December on Yahoo!’s late 2014 data hack. The data hack, which was disclosed last September, affected the personal data of more than 500 million users and Yahoo! linked the breach to a “state-sponsored actor.”

Last December, the search company also disclosed a second data hack that occurred in August 2013. The breach affected an additional 1 billion users and stolen data included email addresses, passwords and security question answers. In a statement with the initial disclosure, Bob Lord, chief information security officer at Yahoo!, said the company has “not been able to identify the intrusion associated with this theft.”

For regulators, the timing of the disclosures for the data hacks will likely play a role in its probe. Last July, Verizon announced it would buy Yahoo!’s core businesses and both data breaches were not disclosed until after the sale. While Verizon has not backed out of the deal, the company is still actively looking into the terms of the agreement and the impact both data hacks would have on the acquisition.

In its November 2016 SEC filing, Yahoo! said it was working with investigators and officials to determine the cause of data hacks.

“The Company is cooperating with federal, state, and foreign governmental officials and agencies seeking information and/or documents about the Security Incident and related matters, including the U.S. Federal Trade Commission, the U.S. Securities and Exchange Commission, a number of State Attorneys General, and the U.S. Attorney’s office for the Southern District of New York.” Yahoo! said.