Yahoo Inc. said on Wednesday its senior executives failed to "properly comprehend or investigate" a 2014 security breach that affected more than 500 million accounts, according to a review by its board.
Continue Reading Below
The review found fault at several levels. There was a breakdown in internal reporting, management, communication around the breach, the company said. Yahoo's lawyers also took some of the blame for not sufficiently investigating.
Following the review, conducted by an independent board committee, Yahoo's board decided not to award Chief Executive Officer Marissa Mayer her 2016 cash bonus, the company said in an annual filing Wednesday. Additionally, Yahoo's top lawyer resigned, effective March 1, and the board has asked Yahoo to beef up its cyber security measures.
Ms. Mayer also offered to forgo her equity award in 2017, and the board accepted.
In September, Yahoo, which has agreed to sell its core business to Verizon Communications Inc. last year, said hackers penetrated its network in late 2014 and stole personal data on more than 500 million users. The stolen data included names, email addresses, dates of birth, telephone numbers and encrypted passwords, Yahoo said.
Write to Deepa Seetharaman at Deepa.Seetharaman@wsj.com and Robert McMillan at Robert.Mcmillan@wsj.com