Will Yahoo's Data Breach Derail Verizon Deal?
Investors started worrying Friday that a massive security breach disclosed by Yahoo Inc. could impact the internet company's $4.8 billion deal to sell its core business to Verizon Communications Inc.
The breach, which Yahoo blamed on a state-sponsored actor, occurred two years ago but was discovered after the merger deal was signed. Verizon said it learned of the problem this week and was reviewing the situation.
The telecom company is waiting to see how the breach affect's Yahoo's business in coming weeks before deciding its next steps, a person familiar with the matter said.
Verizon was displeased by how long it took Yahoo to notify the company about the breach, this person said. Verizon isn't conducting its own independent investigation since the deal hasn't yet closed, the person said.
Verizon's principal interest in the deal was the audience, not user accounts, that visits Yahoo web properties, as the telecom company looks to boost its online advertising business.
Shares of Yahoo fell 3% to $42.80 in Friday trading, a sign of mounting fears around the all-cash deal. The decline erased $1.5 billion of Yahoo's market value, which is mostly tied to its stake in Alibaba Group Holding Ltd. and Yahoo Japan Corp.
Some of the decline in Yahoo's shares Friday was because of a drop in Alibaba's stock, which was down 1.8%, and some to worries the data breach could encourage Verizon to recut its deal for Yahoo's core business, said Youssef Squali, an analyst with Cantor Fitzgerald.
"The question is, can you put a number around the data breach," said Mr. Squali.
Many merger agreements contain provisions allowing buyers to withdraw from deals if the value of a transaction has been hurt by a significant development. In the case of the Verizon/Yahoo deal, such a change is defined as one that would "reasonably be expected to have a material adverse effect on the business, assets, properties, results of operation or financial condition of the business, taken as a whole."
Stephen S. Wu, a lawyer at the Silicon Valley Law Group, reviewed the purchase agreement and says it is clear that Yahoo effectively promised that no security breaches had taken place -- and that no breaches will have occurred by the deal's closing, which is expected in the first quarter of 2017.
That gives Verizon leverage to potentially renegotiate the deal, or even walk away, he said. The difficulty for Verizon is determining what exactly is a materially adverse effect, and whether it is enough to extinguish Verizon's interest in Yahoo. There isn't a clear definition.
"It's vague," Mr. Wu said. "This is an agreement written in a way that there's a judgment call that needs to be made."
It is rare for companies to trigger material adverse change clauses because courts have resisted their use, said Lisa Stark, a partner at K&L Gates LLP.
"It's a very high standard," she said. "It has to be a very substantial event. It can't just be a hiccup."
In 2007, for example, Hexion Specialty Chemicals agreed to acquire Huntsman Corp. in a $6.5 billion deal. But Huntsman's earnings fell after the deal was signed and Hexion and its private-equity owner sued to get out of the deal. The Delaware court sided with Huntsman, however, ruling Huntsman's weak earnings were short term.
The two sides ultimately agreed to settle, with Hexion walking away after it paid to settle with Huntsman.
In 2001, a Delaware judge ruled that Tyson Foods Inc. improperly broke off a $3.2 billion deal with meatpacker IBP Inc. after Tyson argued IBP had misled it about its earnings potential.
Although there is little history of successful use of the clauses, one lawyer said companies continue to put them into deal contracts, because it gives buyers a way to begin difficult conversations if they get cold feet after signing an agreement.
"It gives somebody leverage to renegotiate a deal without necessarily going to court," said Andrew Herman, a partner at Kirkland & Ellis LLP. "It sets up that conversation."