You might give quite a lot not to be in Yahoo!’s shoes just at the moment. Following the revelation in December of a second huge security breach in which a billion accounts were compromised, not only is it under investigation by the Securities and Exchanges Commission (SEC) in the US but its acquisition by Verizon is going to be delayed.
It’s worth stressing, even if only to allay the fears of any onlooking lawyers, that there does not appear to be any suggestion that the deal will not go ahead. It’s not happening in the original time frame, however.
The idea was that Yahoo! would sell its core internet operation to Verizon for $4.8bn. It was supposed to happen in the first quarter this year but is now likely to take place in Q2, according to Yahoo!
The sticking point has to have something to do with Yahoo! admitting to a billion accounts being compromised last month. The SEC is obviously interested in this and in the breach earlier in the year, but it’s even more interested in the notion that it took the company three years to make the issue public.
There isn’t any legal obligation or time frame for companies to release information when there has been a breach like this, but the SEC was already looking into Yahoo! because of a hack in 2004 that wasn’t publicised until November last year.
All of which has to raise the questions: is it just Yahoo! that hasn’t disclosed large-scale hacks – and if not, how many more historical breaches of security are out there and damaging people right now, without the companies involved having disclosed it?