Yahoo’s chief executive Marissa Mayer is holding herself accountable for the two security breaches that took place under her watch. In a Tumblr post, Mayer announced that she would forgo her annual bonus and equity grant from 2016.
However, the language that Mayer used slightly differs from what’s detailed in Yahoo’s annual report, which states:
In response to the Independent Committee’s findings related to the 2014 Security Incident, the Board determined not to award to the Chief Executive Officer a cash bonus for 2016 that was otherwise expected to be paid to her. In addition, in discussions with the Board, the Chief Executive Officer offered to forgo any 2017 annual equity award given that the 2014 Security Incident occurred during her tenure and the Board accepted her offer.
How much exactly is being surrendered remains unknown — we’ve reached out to Yahoo for more information — but in her post, Mayer expressed a desire to see that money be “redistributed to our company’s hardworking employees.” It’s interesting to note that she’s giving up two years worth of bonuses.
Today’s development comes from the company’s annual report, which details the investigation and recommended actions from an independent committee tasked with finding out what happened in the aftermath of the two separate security breaches between 2014 and 2016.
“As those who follow Yahoo know, in late 2014, we were the victim of a state-sponsored attack and reported it to law enforcement as well as to the 26 users that we understood were impacted,” Mayer said in her post. “When I learned in September 2016 that a large number of our user database files had been stolen, I worked with the team to disclose the incident to users, regulators, and government agencies.”
The independent committee’s research highlighted that Yahoo’s information security team knew about the hacking and in 2014, senior executives and legal staff “were aware that a state-sponsored actor” had accessed some user accounts through an exploit in the company’s account management tool.
The investigation did not conclude that Yahoo sought to intentionally suppress “relevant information,” but that there was enough evidence back in 2014 to pursue the matter, which could have prevented another breach.
Yahoo’s annual report details specific actions the company is taking to rectify the matter, including updated processes, structure changes, and “other disciplinary actions.”
Per Mayer: “However, I am the CEO of the company and since this incident happened during my tenure, I have agreed to forgo my annual bonus and my annual equity grant this year and have expressed my desire that my bonus be redistributed to our company’s hardworking employees, who contributed so much to Yahoo’s success in 2016.”
But she wasn’t the only one to be affected by the investigation. Yahoo’s general counsel and secretary Ronald Bell has resigned his post. The company stated that no payments will be made “in connection” with his departure.