Marissa Mayer, the CEO of Yahoo, will not be receiving her financial bonus for 2016. A board investigation has concluded that both Mayer and other senior executives had failed to properly comprehend or investigate a 2014 data security breach that affected more than 500 million accounts.
Apart from that, Ronald Bell, Yahoo’s top lawyer, resigned.
To illustrate the repercussions, Mayer’s original employer letter lists her target cash bonus as twice her salary. Specifically, that amounts to $2 million, and is influenced by her performance.
Yahoo decided to announce the breach in 2016, and admitted that several pieces of sensitive personal information were stolen, including:
– Encrypted passwords
– Telephone numbers
– Dates of birth
Essentially, Yahoo’s security team knew about the incident way back in 2014, but it remains unclear how clearly the situation was communicated with company management, according to the board. Mayer claims to have learned about the incident in September 2016.
Yahoo believes that failures in management, communication, internal reporting and inquiry are to blame for the way they decided to handle the 2014 incident.
Alas, the drama went on, and in 2016, the same perpetrators compromised another 32 million Yahoo accounts. This time around, they forged browser cookies that granted them unauthorised access to the accounts.
According to Yahoo, these cookies have now been invalidated. Last year, they also spent $11 million in legal fees and allocated $5 million towards investigating the breach in addition to developing a fix for the security holes.