Last week, Verizon finally decided to go forward with the acquisition of Yahoo, the perennial would-be comeback internet search and media company.
The deal, announced last year, saw an unusual delay when Yahoo revealed that it had been hacked, the largest data breach in history as of then. This was followed a couple of months later by the discovery and announcement of another internet intrusion and data theft at Yahoo. And thus, the internet’s Purple One is now the dubious record holder of two of the biggest data breaches in US history.
Yahoo’s revelation of the hack has been accompanied by rumors that the top brass had known about the intrusion for years and declined to announce it, in an effort to maintain its public image.
Due Diligence or Lax Security Management?
The timing of the breach announcement certainly was conspicuous. It could be read as either (a) Yahoo happening upon the data breach as they carried out their day-to-day operations or (b) that either Yahoo or Verizon found out about it as they were doing their due diligence as part of the acquisition or (c) Yahoo was finally forced to give up the ghost on the situation.
While nothing has been proven yet, there are currently twenty-plus lawsuits, plus an SEC investigation that is currently under way.
In addition, one cannot forget the fact that the US does not have a federal law governing data breaches and the notification thereof. Instead, laws that cover such issues exist at the state level, for approximately 45 states. The FTC has also been known to pursue internet-related data breaches with a certain level of enthusiasm. And let’s not forget the state Attorney Generals who have taken a great interest in such issues as well.
Basically, if the allegations that Yahoo sat on the data breach and did nothing for years is revealed as true, there’s is no lack of potential ways for Yahoo (or its reincarnation) to be in trouble.
$350 Million Discount
Which appears to have worried Verizon greatly. For months now, there were rumors that the communications company would nix the deal. Last week, though, Verizon announced they’d go ahead with the acquisition provided that they get a steep discount ($350 million) and that most of the lawsuits’ burden is shouldered by what remains of Yahoo when the business is concluded.
For investors, this is better than nothing, of course. As a business concern, Yahoo has been treading water for years now and investors have been anxious for a way to unload their shares (other than selling it in the open market, that is). But, Verizon’s discount represents close to a 10% haircut. That’s a huge number in financial circles. Undoubtedly, there are many angry investors with deep pockets who will be looking to recover their perceived losses one way or another. If the allegations about management’s collusion are revealed to be true… well, let’s just say that it’s not going to be pretty.
This is one of the few cases where a data breach has directly affected a company’s financial well-being. That is, it’s not due to a civil lawsuit, or the authorities bringing an action against a company, or a situation where a company announces a data breach and people don’t care; like at Target, which hasn’t been affected by its “greatest hack in history” data breach. The same customers continue to shop there.
Nope, this is a clear-cut case where a company has a data breach (two, to be exact) and is directly penalized for it.
You can expect to hear more from this fiasco.
Related Articles and Sites: