Failures

by Karl Bode


Filed Under:
cybersecurity, hack, merger, privacy

Companies:
verizon, yahoo



Verizon Wants A Yahoo Price Cut After Company Reveals Another, Massive Hack Attack

from the this-is-not-going-well dept

Earlier this year Verizon was understandably irritated when it learned (just two days before the public) that Yahoo had failed to disclose a massive hack of the company's systems during the companies' $4.8 billion merger negotiations. Reports suggested that Verizon, who is attempting to pivot from broadband to ads and content, wanted a $1 billion reduction in the asking price and another $1 billion set aside for the inevitable lawsuits. Given its NSA ties, Verizon was likely much less concerned about reports revealing that Yahoo also went out of its way to help the government sniff through subscriber e-mail accounts en masse.

Fast forward to this week, and things just got notably more complicated for both companies. While the first Yahoo hack revealed the personal data of roughly 500,000 Yahoo subscribers, Yahoo just confirmed a second attack by the same party that the company says revealed the personal data of 1 billion Yahoo users. Yahoo says this second attack was only revealed once law enforcement reached out to Yahoo with snippets of the compromised data in hand. But in a website post by Yahoo’s chief information security officer Bob Lord, the company effectively admits it still doesn't actually know how the hackers got this information:
"As we previously disclosed in November, law enforcement provided us with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. We have not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016."
Not too surprisingly, Verizon continues to be frustrated by the revelations, while simultaneously using them to drive down the Yahoo asking price:
"A legal team led by Verizon General Counsel Craig Silliman is assessing the damage from the breaches and is working toward either killing the deal or renegotiating the Yahoo purchase at a lower price, the person said. One of the major objectives for Verizon is negotiating a separation from any future legal fallout from the breaches. Verizon is seeking to have Yahoo assume any lasting responsibility for the hack damage, the person said."
While some outlets continue to suggest the deal could be killed entirely, Yahoo is critical to Verizon executives' beliefs they can transform Verizon from stodgy old telco into a Millennial-focused media and advertising juggernaut. The problem is that Verizon's attempt to become the next Google or Facebook isn't going particularly well. Being a pampered telecom monopoly for a generation doesn't imbue you with the kind of DNA required to make such a disruptive transition, resulting in the company's Millennial-focused streaming service Go90 being a "dud" in the words of Verizon's own partners.

Verizon will likely continue undaunted in its plan to magically become Google by gobbling up failed 90s internet brands. And while it's far from certain that Verizon has the chops to successfully make this transition work, the least we can hope is that the telco brings something vaguely resembling security standards along for the ride as the deal stumbles its way toward its inevitable conclusion.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 15 Dec 2016 @ 5:28pm

    Your disdain for the whole telcom world pretty much shades your opinion on every piece you write. Snide remarks really don't help to make your point.

    reply to this | link to this | view in chronology ]

    • identicon
      Thad, 15 Dec 2016 @ 5:45pm

      Re:

      Quiet, Mr. Orlowski.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2016 @ 8:27pm

      Re:

      Today's telecom industry pretty much deserves the disdain it receives.

      reply to this | link to this | view in chronology ]

    • icon
      orbitalinsertion (profile), 16 Dec 2016 @ 12:45am

      Re:

      That disdain is a result of the telecom industry's disdain for everything but their pockets.

      As if one should approach each new mention of the actors in the telecom sphere, pretending their behaviors and actions are divorced from all previous history, and that in fact one has never even heard of the sector before.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Dec 2016 @ 6:46am

        Re: Re:

        When the telcos feel like they can yoink around the *largest private telecommunications network operator in the USA, which just so happens to be a multi-billion-dollar company*, what chance does Joe Consumer have?

        reply to this | link to this | view in chronology ]

    • identicon
      I.T. Guy, 16 Dec 2016 @ 7:26am

      Re:

      Hey now buddy. The Telcos have worked damn hard to earn that disdain. You can't take that away from them. Grinch.

      reply to this | link to this | view in chronology ]

  • icon
    Anon E. Mous (profile), 15 Dec 2016 @ 6:15pm

    After this breach I cant see many people having a lot of faith in anything Yahoo does, there stock price is in the crapper and this news certainly isn't going to help things.

    Verizon may as well rescind their offer at this point and just give Yahoo shareholders a Groupon coupon and call it even

    reply to this | link to this | view in chronology ]

  • icon
    Krolis (profile), 15 Dec 2016 @ 9:51pm

    Not sure what to be surprised about, that Yahoo got hacked or that they have over 1 BILLION users.

    reply to this | link to this | view in chronology ]

    • identicon
      any moose cow word, 16 Dec 2016 @ 12:13am

      Re:

      I suspect that many of them are inactive accounts.

      reply to this | link to this | view in chronology ]

      • icon
        orbitalinsertion (profile), 16 Dec 2016 @ 12:50am

        Re: Re:

        A lot of them are hosted ISP customer mail accounts. Seem to be popular in Asia-Pacific too. So yeah probably a lot of initial mail accounts that may not actually be used for anything other than a signup email address elsewhere, or dead. They seem to have enough active traffic to get criminals and governments (yeah, redundant) interested.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2016 @ 6:37am

    Wouldn't it be great to have Yahoo cloud services be used for elections?

    reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 16 Dec 2016 @ 8:14am

    Seriously, buying Yahoo now is like buying a piece of moldy bread. It's worth nothing. They should just slash another billion and sell asap. It would still be stratospheric profit.

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 16 Dec 2016 @ 8:35am

    Why is Yahoo! maintaining any value at this point?
    (I mean other that that huge chunk of what was it Ali Baba)

    Because despite their complete failure at system security, they have name recognition. People remember the Yahoo! and keep using it despite how many times they screwed up because surely its fixed now.

    There are people still rocking AOL because its what they always used.
    There are still people giving Sony their credit card numbers after the 23 massive (reported) hacks.

    Sticking with what you always used is an amazing bias we seem to have. See Also: Vaccines=Autism, Drones used to take guns, The lizard aliens control the world.

    Yahoo! as a brand should be dead at this point, but somehow there are people willing to believe Yahoo! cares about them and will do better this time. They refuse to accept that while hacking does happen, not even trying to detect or mitigate it is very wrong.

    reply to this | link to this | view in chronology ]

    • icon
      John85851 (profile), 16 Dec 2016 @ 9:32am

      Re:

      *Sticking with what you always used is an amazing bias we seem to have.*
      See also: all the people who still use Bank of America, Chase, and all the other "too big to fail" banks. It's very hard to switch to a credit union when you have your checking account set to auto pay your electric, water, cable, insurance, and other bills.

      reply to this | link to this | view in chronology ]

    • icon
      crade (profile), 16 Dec 2016 @ 10:08am

      Re:

      There used to be a day, way back when being too incompetent to compete would doom a company. Now it means they make our laws :)

      reply to this | link to this | view in chronology ]

  • icon
    Jeremy2020 (profile), 16 Dec 2016 @ 8:57am

    I should be the next Yahoo CEO. I'll take 200 million for continuing to drive it into the ground.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.