Failure to quickly address cyber breaches can lead to dire business consequences
In yet another example of the impact of cyberattacks on businesses – and their executives – across the US, Yahoo recently announced the cancellation of CEO Marissa Mayer’s annual bonus and the resignation of the company’s general counsel, both direct results of Yahoo’s failures in handling the cyberattacks that compromised the email accounts of up to a billion users between 2013 and 2016.
Given the widely accepted opinion that Yahoo was far too slow in assessing, addressing and notifying customers and others of the occurrence of the breach and its effects, Mayer wrote on a blog post that “I am the CEO of the company and since this incident happened during my tenure, I have agreed to forgo my annual bonus and my annual equity grant this year.”
The consequences were even more dire for Ron Bell, Yahoo general counsel, who will no longer be with the company.
These announcements are far from shocking given the recent announcement by Verizon that as a result of the Yahoo breaches it would be paying $350 million less than previously agreed for its acquisition of Yahoo Internet related assets.
The Yahoo situation is another reminder of the need for company management and legal counsel to be vigilant, prepare for, and act swiftly in the face of the constantly growing cyber risk facing businesses large and small. No business is immune from the risk, and boards and executives should reach out to outside counsel to establish a proper cybersecurity program tailored to their company’s individual needs and risk level.
For more information on the topic discussed, contact:
E-Alert is a quarterly newsletter that features the latest thinking from Tannenbaum Helpern's various departments.