Yahoo failed to provide resources to its security team and implement steps to protect users’ data in recent years, according to a new report from The New York Times on Wednesday.
The report is adding to scrutiny of the tech giant’s practices less than a week after Yahoo confirmed that the login information for 500 million users had been stolen.
The Times reported that CEO Marissa Mayer, the former Google executive brought on to turn Yahoo around, opted not to pursue certain security solutions. That included a mandatory password reset for all users, according to the report, because that could have hurt Yahoo’s core email business.
Yahoo said in a statement that it had invested heavily in security in recent years.