Yahoo’s (NASDAQ:YHOO) chief executive Marissa Mayer will lose out on her annual bonus after the mishandling of the security breaches, affecting more than one billion users.
Mayer, whose team was to have reacted too slowly to one breach in 2014, said on Wednesday she wanted to distribute her £2 million bonus to the company’s entire workforce of 8,500 employees. The board have not yet agreed to this.
“As those who follow Yahoo know, in late 2014, we were the victim of a state-sponsored attack and reported it to law enforcement as well as to the 26 users that we understood were impacted,” said Mayer in a statement.
“When I learned in September 2016 that a large number of our user database files had been stolen, I worked with the team to disclose the incident to users, regulators, and government agencies. However, I am the CEO of the company and since this incident happened during my tenure, I have agreed to forgo my annual bonus and my annual equity grant this year and have expressed my desire that my bonus be redistributed to our company’s hardworking employees, who contributed so much to Yahoo’s success in 2016.”
According to the results of an investigation disclosed on Wednesday, whilst Yahoo’s security team found evidence that a hacker had pried into accounts in 2014, Yahoo executives “failed to act sufficiently”. At the time of the hack, the company only notified 26 people that their accounts had been breached.
Yahoo only disclosed information of the breach in September 2016, when it notified at least 500 million users that their email addresses, birth dates and other personal information may have been stolen. Three months after this, Yahoo revealed it uncovered a separate hack in 2013 affecting about 1 billion accounts.
Yahoo’s general counsel and secretary Ronald Bell, who had been with the company since 1999, resigned on Wednesday.