Yahoo! boo! hoo! hoo!: Verizon! hits! brakes! on! $4.8bn! biz! gobble!
And SEC probes three-year gap between data swipe and disclosure
Yahoo!'s sale to Verizon has been delayed, following revelations last year of historical data security breaches.
News of the deferral of the $4.8bn Verizon deal came as Yahoo! released its Q4 earnings results on Monday. "Yahoo! had previously stated that it expected to close the transaction in Q1," it said. "However, given work required to meet closing conditions, the transaction is now expected to close in Q2 of 2017. The company is working expeditiously to close the transaction as soon as practicable in Q2."
Security watchers reckon the delay opens up the likelihood of a renegotiation, which may impact its futures earnings, market valuation and reputation.
Gunter Ollmann, CSO of cybersecurity firm Vectra Networks, said: "As seen in the case of Yahoo!, businesses that lack transparency and willingness to discuss security matters in an honest and open way will see significant impact on the bottom line, and along with it their market value and reputation. This highlights that security is a strategic issue and needs to be included as part of any M&A due diligence. Likewise, cyberattacks offer the opportunity for motivated external parties to damage [an] M&A target organization’s reputation and thus market value."
Last September, Yahoo! admitted that the personal data of more than 500 million users might have been lifted by hackers. Months later in December, it admitted that a separate breach in 2013 might have exposed the account credentials of one billion users. The security control it applied at the time and its handling of the breach have been the focus of criticism from third-party security experts, particularly in the wake of revelations that internal staffers knew back in 2014 that it had been hacked, around two years before the web giant went public.
Yahoo! is reportedly being investigated by the US Securities and Exchange Commission over whether it should have disclosed its security problems to investors more promptly than it did.
Veteran security pundit Graham Cluley has done a good job chronicling the ins and out of the whole sorry saga in a blog post here.
"If the Verizon/Yahoo! deal ends up going ahead at all, my guess is that Verizon is not going to be paying the $4.8 billion it originally offered Yahoo!," Cluley concludes. "Which is obviously good news for Verizon. I mean, imagine if they had only found out about these massive security breaches after they had acquired Yahoo!? They might feel like they weren't in possession of all the facts to make an accurate assessment of how much Yahoo! was worth," he added. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust