Yahoo punishes CEO Marissa Mayer over a data breach that costs $350 Million, they mishandled the security and exposed the personal data. Finally, it costs the company and slides down the market value of Yahoo after the security breach.
Yahoo will not reward or pay her annual bonus nor receive a potentially lucrative stock award where they reacted too slowly to one breach, TNW reports.
There was actually a two massive breached that affected over 500 million and one billion user in 2014 and 2013 respectively.
The Yahoo CEO, Marissa Mayer, says that they were the victim of a state-sponsored attack reported it to law enforcement as well as to the 26 users that we understood were impacted.
TechNadu has collected some resource from the Yahoo saying,
In November and December 2016, we disclosed that our outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the investigation, we believe an unauthorized third party accessed the Company’s proprietary code to learn how to forge certain cookies. The outside forensic experts have identified approximately 32 million user accounts for which they believe forged cookies were used or taken in 2015 and 2016 (the “Cookie Forging Activity”). We believe that some of this activity is connected to the same state-sponsored actor believed to be responsible for the 2014 Security Incident. The forged cookies have been invalidated by the Company so they cannot be used to access user accounts.
You can verify in the SEC filings. After allegations that Yahoo had sufficient knowledge of the situation to disclose the attacks earlier in 2014.
Marissa Mayer says that she learned in September 2016 that a large number of their database files had been stolen and they worked hard to disclose the incident to users, regulators, and government agencies.
Due to the lack of proper comprehension and handling in 2014, the committee found failures in management, communication, inquiry and internal reporting.
However, the company CEO apologizes and shared her disappointment on Tumblr.