Yahoo CEO Marissa Mayer is paying for the unprecedented security breaches that took place on her watch.
For 2016, Yahoo’s board decided not to award Mayer her cash bonus because of a security breach that affected more than 500 million accounts in 2014. An independent committee investigating that breach and several other incidents found that ”certain senior executives did not properly comprehend or investigate, and therefore failed to act sufficiently upon, the full extent of knowledge known internally by the Company’s information security team,” Yahoo said in an SEC filing today.
In addition to forgoing her 2016 bonus, Mayer has “offered to forgo any 2017 annual equity award given that the 2014 Security Incident occurred during her tenure,” the filing states, adding, “the Board accepted her offer.”
Where will that money go? In a post on Tumblr—of course—Mayer said she has asked for her bonus to be divided among Yahoo employees. “I have agreed to forgo my annual bonus and my annual equity grant this year and have expressed my desire that my bonus be redistributed to our company’s hardworking employees, who contributed so much to Yahoo’s success in 2016,” Mayer wrote.
Security breaches have dogged Yahoo. This past September, the company disclosed the 2014 hack million users, in what appeared to be a state-sponsored attack. Three months later, Yahoo had even worse news: another, unconnected breach had compromised more than 1 billion accounts.
Those breaches have been bad for business. Over last summer, Verizon agreed to acquire Yahoo’s core businesses—deemed “worthless” by Wall Street—for $4.8 billion. Late last month, the telecom giant used Yahoo’s poor record on cybersecurity to slash that offer by $350 million.
Today’s SEC filing leaves little doubt that Yahoo executives were at fault. ”The relevant legal team had sufficient information to warrant substantial further inquiry in 2014, and they did not sufficiently pursue it,” the filing states. “As a result, the 2014 Security Incident was not properly investigated and analyzed at the time, and the Company was not adequately advised with respect to the legal and business risks associated with the 2014 Security Incident.”
Mayer might be out a chunk of cash, but she made out better than Yahoo general counsel Ronald Bell. He resigned Wednesday. No payments were made by Yahoo in connection with his departure.