Part of governance is punishing someone who violates the rules. Good, though, to have some temporal connection between the violation and the punishment.
“U.S. Plans Charges In Breach At Yahoo,” The Wall Street Journal, March 15, 2017 B1. Move comes after 2014 breach at Yahoo that exposed 500 million users in late 2014, after the larger breach in 2013 exposing twice as many accounts. Huge impact on the users and the shareholders.
The company’s lawyer resigned and the CEO lost her cash bonus. Have the directors at the time been penalized at all? They missed this, too.