More Questions Over Yahoo’s Value Following Biggest Hack Revelation

Fortune reports that Verizon will seek to reduce its purchase price for Yahoo following the recent disclosure of a 2013 hack which compromised one million Yahoo accounts. The Yahoo data breach is said to be the largest ever disclosed.

Verizon originally agreed to buy Yahoo’s core internet business in July, for a price of USD4.8bn. Some questioned if that price was generous, even though Yahoo had once been valued at over USD100bn. Subsequent revelations about cyberattacks on Yahoo show us the dangers of valuing a business that is built upon data and customer relationships when it can be impossible for an outside firm to establish if it has been successfully hacked.

Last month I argued that the cover-up of a breach could do more harm than the breach itself. Not all investors would agree, but I would prefer to back a management team that admits to an attack and seeks to immediately reverse the harm that is done, compared to executives who protect the company’s supposed value by pretending security has not been circumvented and the business has suffered no damage. The former managers have a reason to promptly fix the flaws in their security; the latter do not. Maintaining a valuation by keeping investors ignorant of the company’s problems is another way of inflating the difference between the market value of a corporation and its true worth.

Modern business is built on trust, but increasingly the valuation of firms like Yahoo make me think that optimism and gullibility is being confused with trust. Yahoo is currently worth a fraction of the price it once could supposedly command. If Verizon could step away from their acquisition deal, it is doubtful that there would be many other suitors willing to pay such a price for Yahoo. That gives Verizon a negotiating advantage, but also begs a question. Whilst Yahoo generates almost USD5bn a year in revenues, would you want them to handle your data? If increasingly tech-saavy users find ways to avoid connecting to unreliable internet businesses then revenues and valuations could rapidly fall further.

Eric Priezkalns
Eric Priezkalns
Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others.

Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a member of Qatar's National Committee for Internet Safety and the first leader of the TM Forum's Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.

Commsrisk is edited by Eric. Look here for more about Eric's history as editor.