The company took a big step by hiring chief information security officer Alex Stamos, who implemented valuable measures like widespread encryption, collaboration on threat data and "red teams" that broke into Yahoo systems to see how vulnerable they were. However, Mayer supposedly fought with Stamos' group, depriving it of resources and stalling the implementation of vital features like intrusion detection. Many of its security staffers have left for Silicon Valley mainstays like Apple, Facebook and Google, according to insiders.

A spokeswoman suggests to the Times that things are on the mend. It spent $10 million on encryption in 2014, and that its security investments jumped 60 percent between 2015 and 2016. Yahoo has a "deep understanding" of online threats, the representative says, and it tries to "stay ahead" of those dangers to keep you safe.

If the report is accurate, though, it hints that the increased spending might be necessary for catching up. It'd be an acknowledgment that the company's previous focus on ease of use over security was too risky, and that whatever inconveniences you suffer from added security are far, far more preferable to losing sensitive info to hackers. And lax security doesn't just scare away some customers -- it could even jeopardize that lucrative Verizon deal.