Yahoo's Security Incompetence Just Took $250 Million Off Verizon's Asking Price
from the dysfunction-junction dept
So last year we noted how Verizon proposed paying $4.8 billion to acquire Yahoo as part of its plan to magically transform from stodgy old telco to sexy new Millennial advertising juggernaut, which, for a variety of reasons, isn’t going so well. One of those reasons is the fact that Yahoo failed to disclose the two, massive hacks (both by the same party) that exposed the credentials of millions of Yahoo customers during deal negotiations. The exposure included millions of names, email addresses, phone numbers, birthdates, hashed passwords (using MD5) and “encrypted or unencrypted” security questions and answers.
As noted previously, Verizon had been using the scandal to drive down the $4.8 billion asking price, reports stating that Verizon was demanding not only a $1 billion reduction in the price, but another $1 billion to cover the inevitable lawsuits by Yahoo customers.
Verizon appears to have gotten at least some of what it wanted, Bloomberg reporting that Verizon has managed to shave $250 million or so off of the original price tag:
“Verizon Communications Inc. is close to a renegotiated deal for Yahoo! Inc.?s internet properties that would reduce the price of the $4.8 billion agreement by about $250 million after the revelation of security breaches at the web company, according to people familiar with the matter…In addition to the discount, Verizon and the entity that remains of Yahoo after the deal, to be renamed Altaba Inc., are expected to share any ongoing legal responsibilities related to the breaches, said the people, who asked not to be identified discussing private information.”
Yahoo wasn’t always incompetent when it comes to security. In fact, at one point the company was considered among the best in the business, something that only began to change when CEO Marissa Mayer decided to begin cutting security corners. This came to light a few months back via a series of insider-fueled pieces highlighting how Mayer’s business decisions actively worked to make Yahoo users less secure. Mayer was concerned, apparently, that actually being transparent with Yahoo customers about their (not so) private data would result in the company losing even more customers than it already had:
“According to the former Yahoo executive that Business Insider spoke to, Yahoo’s culture of secrecy and its prioritization of other business goals led to troubling security practices that made it much more difficult for Yahoo to defend from hackers. Yahoo’s security team was often denied funding and sometimes kept in the dark at Mayer’s direction, as she feared more emphasis on security could potentially spur a decline in the company’s user base.”
But at the end of the day, transparency builds trust in the brand, resulting in more loyal customers — something Mayer apparently didn’t understand. The ironic part being that much of this shift away from security was also occurring because Mayer was busy trying to make Yahoo a sexier acquisition target. Fortunately for all of us, this deal finally puts this entire sordid affair in the real-view mirror, and Verizon executives can get back to gobbling up foundering 90s internet brands, and convincing itself it has the disruptive DNA required to take on Google, Facebook and others in the quest for Millennial ad eyeballs.
Comments on “Yahoo's Security Incompetence Just Took $250 Million Off Verizon's Asking Price”
Pretty Cheap
The price of security per breached user account is pretty cheap. Two breaches one of 500,000 users and then a second of 1 Billion users makes the $250 Million equate to one slightly tarnished quarter per breached account.
Wow. AltaVista must have been REALLY security-incompetent.
That’s Because ...
… neither company is paying the true cost of the security breach.
And again today more news on crappy Yahoo security, apparently their cookies were not safe for consumption.
http://globalnews.ca/news/3251511/yahoo-security-breach-2015-2016/
the absolute, dead-last thing i want is a real-view mirror.
“Yahoo wasn’t always incompetent when it comes to security.”
You mean they haven’t always been a bunch of yahoos when it comes to security?
Verizon doesn’t want to compete with Google, et al head on. They’re coming at it from the back door. If they can prevent cell phone providers from being subjected to the same network neutrality/utility rules as govern POTS, then they can force their customers to use their portal system regardless of what their customers want. ALl they have to do is exempt their portal properties from data caps.
“she feared more emphasis on security could potentially spur a decline in the company’s user base”
She has since learned that downplaying security concerns definitely spurred a decline in their user base as users discovered multiple occasions where the system was hacked & wasn’t revealed until years after the event.
She chose the wrong worst case scenario, and yet will still walk away with a pile of cash for caring more about optics than real problems.
How much more will the price drop after the cookie hack?
https://arstechnica.com/information-technology/2017/02/yahoo-reveals-more-breachiness-to-users-victimized-by-forged-cookies/