You'd think this would affect the stock price, but currently YHOO only trading down 8 cents (-0.18%). I honestly see this all the time. What sounds like really horrible news for a company, does not affect the price. Howerver, some random analyst or reporter who works at the Mercury Star Sun Inquirer writes a negative article or downgrade and the stock tanks. Doesn't make much sense.
Investors are conflicted: on the one hand, Yahoo had a data breach that will cost them trust, but on the other hand, investors are surprised to hear there are still 500 million Yahoo users.
Is that even possible? I got a password reset email for a LinkedIn account that I thought I had deleted years ago. I know that sometimes logging in can reactivate an account, but it's been YEARS now. And it was like I was always there.
LinkedIn is like dallisgrass. pesky stuff to get rid of.
Living in France as a good Java dev, LinkedIn sends me few spam, while it is very relevant to get contacted by recruiters whenever I update my resume. I've found my last 2 gigs in my last 3 years (yeah I'm a software editor who only contracts whenever my income gets low) through LinkedIn. Of course, this doesn't understate LinkedIn's other face which is made of dark patterns, probably-illegal data hunting, massive spamming problems and doubtful security.
The good news about this breach is that it will greatly increase their "active user" count because of password reset logins. That looks good for the buyout deal.
Twitter did this to me right after their last not-so-great quarterly report came out: sent an email saying they have noticed "suspicious activity on my Twitter account and have suspended it. Click this link to reset your password." Which is kinda funny because I never posted one thing to my Twitter account. So locking it for me was the next best thing to deleting it.
When I got the LinkedIn breach email, I too just deleted my account there. Wasn't worth the fretting about security problems.
I use Yahoo for fantasy sports. When I signed up I was forced to register a RocketMail account. Logging into Yahoo Fantasy is the only thing I've used it for. I wonder how many other people are in this scenario.
Some hacker might have my password, hopefully they don't pull Aaron Rodgers from my line up this week.
Yahoo's been authenticating me nearly every time I try to access the fantasy app on my phone. They've made me change my password 3 times in the past month or so. And the password I set doesn't seem to work, so I keep having to use their phone based authentication. With all the money that they have, it's hard to fathom how Yahoo is so bad at delivering secure identity services.
I started using their "Account Key" process, any time I log in on the site from a computer, I get a notification from my Yahoo sports app (iPhone) asking me if I would like to allow the login attempt. I actually like it better than the two-factor auth I use for other accounts. Whether it's more secure or not, I don't know..
EDIT: just for clarification, this replaces the password entirely. So I never enter a password on the site.
Can you help me understand how it replaces the password entirely? What if I lost my phone, or just deleted their app? Does it basically fall back to letting you click a link in your email to approve logging in? Or, SMS, or...?
I've been skeptical of it.
Fortunately iCloud Keychain means my current Y! password is random as hell and not reused anywhere, but I'm slightly nervous wondering what the hell password I had in 2014 or 2012 or whenever this stupid leak happened. :/
If you don't enter a password, then it isn't two factor auth at all. It just swapping one-factor (something you know) for another (something you have).
I know that it's not, I just said that I like it better than the two-factor auth that I use elsewhere. If I need to pull out my phone; its just easier to click my notification and click "approve", than to go to Authy to get the 6 digit code, and type it in to my computer.
Sorry, I misunderstood your statement. I thought you were comparing it to 2FA elsewhere. Now I see that you were just comparing it to the second factor elsewhere (not the whole 2FA0).
I don't think investors are quite that stupid. First that was 500m users in 2014, not today. It also doesn't say active so it's likely some subset of a total. I wouldn't be surprised if Yahoo had even more than 500m accounts in 2014 and today but I would be SHOCKED if they had nearly that many active users.
Yahoo currently is clocking around 900M - 1B monthly uniques.
Consider that third-party tracking still places Yahoo as one of the top trafficked websites in the world, with only Google, Baidu, and Facebook higher.
Oh I'm well aware around the uniques; Yahoo is ranked #5 in Alexa worldwide. Uniques do not count as users, however and my original conjecture stands in my opinion. Now if you have active, monthly user data that would be awesome to see :)
I'm not sure what you're trying to say. The algorithms adjust for bots, spam, cross-platform duplication, etc. 900M - 1B is defined as the Monthly Active Users figure.
Naturally, there are areas where we know the algorithms are not translating the inputs to real users with 100% fidelity, but we know that the discount is relatively minor, not nearly as substantial as youre suggesting.
Multiple counter-parties had their teams diligence our user figures and associated algorithms and found them to be generally accurate representations.
Unless you're using a different definition of "active, monthly user" that deviates from the industry norms?
> 900M - 1B is defined as the Monthly Active Users figure.
Okay that's the disconnect. Monthly uniques typically count is unique accesses of a web page by non-bots / spam. This is how I've seen it defined in every analytics software package I've ever used. Monthly active users is a vastly different concept as it implies repeat access within the month.
Though judging by the downvotes on my parent comment I'm guessing my thinking of the terms is NOT standard? Not going to lie I'm a bit confused around this. I'm going to have to look into it more.
Sorry, my mistake for being loose with my own terminology. I thought it was implied that I meant unique users, which, given my own comment about terminology, was a bit hypocritical of me.
Entirely likely it's not 500m, for sure, but i would not be surprised if it's still in the hundred million active email accounts. Lot of elderly folks who got hooked on a yahoo email account, and just won't give it up. I can say based on consumers emails I've seen in some of the systems I've managed, yahoo still clocks in as a pretty solid 15-20% of email addresses of active users, which isn't a small figure (gmail is of course higher, and major isp's round the bases).
sure. but somehow, among a sea of replies that either don't care for my joke, or who just don't understand that it is a joke, yours manages to be the most off putting.
Yeah, I was wondering about that when I posted (too quickly). You're right of course, though it turns out that Yahoo! still owns 35 percent of Yahoo Japan, basically the same amount as Softbank, a major Japanese ISP I believe.
Actually, the stock price is being majorly affected today! YHOO usually tracks BABA quite precisely, and BABA was up big today (+3.5%). This usually means that YHOO would be up around 2%, which equates to nearly $1.00 in upside. Instead it was flat today.
To make matters worse, YHOO has actually fallen off quite a bit since BABA reached $105/share 1.5 weeks ago, and YHOO corresponded with a high of around $45. If you do the math, with BABA currently nearing $110, YHOO should actually be just north of $46.
tl;dr YHOO shares are actually suffering, but it's harder to see if you're not familiar with the underlying mechanisms at play.
"Yahoo's actual core business of being Yahoo (and Tumblr and whatever) is worth negative $13 billion"
"Even after deducting 38 percent from the value of [the Alibaba shares] to account for taxes, you get a value for Yahoo's actual business of just $1.7 billion"
Actually the part you elide is technically not [the Alibaba shares] but [the Alibaba and Yahoo Japan] shares. But it doesn't really weaken your argument as much as it seems to be, because Yahoo Japan is really separate from Yahoo, despite the name.
Many hedge funds spent time analyzing the effect on a stock price after breach disclosure. From what I read overall, the only negative effect comes if the breach is repeated over longer period of time in media. But as Elena Kvochko put it, "shareholders are numb to news of data breaches" [0].
It doesn't affect stock price because it doesn't really affect the money being made. There aren't going to be any huge fines that need to be paid, they aren't really going to lose customers explicitly due to this. After all, it was _hackers_ that broke in and did bad things, you can't completely protect yourself from hackers. If the difference between having a secure company and an insecure company were cut and dry, then it might have an affect. But the entire security landscape is so nuanced and complicated that the average person watching/reading the news isn't going to know the difference between 2 different companies (one with good security practices and one without).
I wonder whether a marketing campaign focused on security would be effective. For example, "We are the only accounting software to use end-to-end encryption of your financial data. Don't trust your sensitive data with anyone else!"
The horrible news is already baked in. The entire value of the company is Ali Baba. If this breaks the acquisition or causes shareholder suits, then it's a problem.
It only matters if it affects how people interact with Yahoo's business or if it results in fines or lawsuits. Since it probably won't do any of these, it does make sense that it doesn't affect their share price.
In this case, most are looking to how Verizon responds. The share price should be near equivalent to acquisition price. Verizon pulling out of the deal would see it plummet in my opinion.
Edit: acquisition offer usually priced into share price, harder to calculate in this situation since Verizon isn't buying the whole company and all assets.
It is almost certain that this evolving risk was disclosed to Verizon (and other officially interested parties) during the initial stages of the sale negotiating process, and could well explain the difficult gestation of the Yahoo sale. Note that standard procedure would have been for interested parties wishing to enter into formal discussions, to sign watertight non-disclosures at the risk of very big legal liabilities if they don't abide by them. Any M&A professional would know that the valuation hit of "owning up early" is much smaller than the catastrophic effect of trying to hide such a thing until the inevitable noisy leak.
Stock price is defined by the expectation of future earnings. If investors have seen in the past that security breaches have no impact on other businesses, why should they react to this ? SONY has had a much worse security breah not too long ago (with stuff stored in plain text!) and people kept using SONY online services anyway.
Security mistakes do not make lasting impacts on stock prices in my experience. They tend to be a little hiccup, but afterwards things keep moving along on the existing trend.
A cluster of security mistakes in other companies does seem to increase the price of stocks like FEYE, CUDA & FTNT.
> You'd think this would affect the stock price, but currently YHOO only trading down 8 cents (-0.18%).
Why would the stock be affected? Yahoo emails are free. Even if majority is hacked this won't make dent in their revenue streams coming mostly from advertising.
Yahoo is being bought by Verizon, so unless VZ know decides to not purchase YHOO, the stock price is pretty much hard-coded. Otherwise there would be an arbitrage opportunity.
What!? Surely you're being flippant. Alexa currently ranks Yahoo.com as #5 worldwide and in the United States. NUMBER 5! How anyone could think that has zero value makes no sense to me.
Yeah I keep hearing the same thing, but obviously it's at least worth around what Verizon paid for it. I think it's actually worth more, but there is so much hate for the company and its management team.
While the thing you're responding to is obviously idiotic it occurs to me that the sanity of the valuation of Yahoo! is not "obvious" at all. It's a result of the application of partially visible heuristics to determine the worth of things like users, views, "talent," and etc, all passed through back-room dealing at the executive level and bargaining behind closed doors.
The reason I bother coming here to say this is that I think the idea that 4.8 billion dollars "makes sense" to an outsider is endemic of thinking that leads to a dangerous lack of regulation. In other words, I'd be careful not to assume that the left hand always knows what the right hand is doing in companies at this scale.
Your statement doesn't imply value at all. If I created a web site that gave every visitor $1, it would amass an amazing number of visitors, but would be a worthless business.
Yahoo are giving away money? No, of course not. So how does your logic apply. People are visiting Yahoo because they want to use Yahoo services ... even if they're not then they're still visiting, that is valuable to online businesses where a lot of marketing goes in to just getting visitors.
> it would amass an amazing number of visitors, but would be a worthless business. //
You'd get in serious debt. But the website would still be worth something afterwards, not what you paid, but it would have a significant value. Good marketing could convert some of those repeat visitors looking for free money. Indeed, it actually sounds like not a half bad idea! Give away money via paypal/bitcoin or some such up to a limit for a few days, network effect is going to amplify that, then stop and lay out your stall .. if your stall was using bitcoin/paypal for micro payments then double+plus+good! You'd have stories in press around the world, everyone would be sharing your site ("Hey I got free money 2 days in a row at example.com").
Want to cause a riot? Release $100k in $1 notes in public in a busy, large, public space (Central Park?). Say you'll be back next week ... how many millions of people do you think you could attract, how many the 3rd week!!? How much would the press coverage and whatever brand association you could muster be worth?
The price of the stock has little to do with how the company does it's business or what it does.
It is as much about other investors as it is about the company itself.
The motivation there is pure profit, not some higher moral purpose or justice or "make the world better" idealism.
The stock price indirectly affects the company performance, just as the company performance affects the stock price, so it's a feedback loop (or conflict?) created between the investors and the company.
Apparently, investors think that this hack won't affect yahoo's performance or stock price.
These is just my interpretation of it of course, I guess very few people (if any) actually understand all the forces at play here.
