Those of a certain age may recall sitting down of an eve to “Beeb & Chill” 30 minutes of lip sync’d musical performances and a breakdown of the “Top of the Pops”. Although the “FANG” generation of Facebook, Amazon, Netflix and Google users no doubt can’t imagine anything less spontaneous, it’s one of the ways we stayed on top of what was going on in the world around us.
Top of the (Breach) Pops
Building upon our earlier post about Uber’s “data incident”, we are hearing that international regulators are taking a particular interest in the data loss, which appears to have impacted some 57 million accounts.
Unfortunately, or perhaps fortunately, the timing of this disclosure came about as Softbank is seeking to take a significant stake in the business and is no doubt going through Financial Diligence.
The Impact of a Breach on a Company Valuation
As we saw earlier this year, Verizon’s acquisition of Yahoo was impacted significantly by an eventual disclosure that Yahoo had also suffered breaches that garner it the position on the top two spots on any list of security breaches. Losing 500 million records can be problematic, we’ve all been there, but a breach that impacts all three billion customer accounts could be a “fool me twice” issue.
Grant Thornton’s Valuation team track the impact on stock prices of some of the more egregious data breaches (see some of our work here). It can seem surprising how quickly many organisations bounce back following an announcement of a breach. However, many studies have demonstrated (Verizon, Ponemon et al) that effective breach management and managers can impact the public and market perception of a breach enormously. Our experience working with our clients on breach management has certainly confirmed this.
A Co-ordinated Approach?
The incident has pushed governments and regulators in countries including Britain, the United States, Mexico, Australia and the Philippines to broaden investigations into handling of the matter. Uber has worked to implement a new, collaborative approach to regulators.
These could be challenging times as many international regulators find their teeth on data governance and the international equivalent of the GDPR Assurance Principle.
Uber seems to be moving up the charts this week… who’ll be top next?
SoftBank learned of the hack about a month ago, which may have changed its evaluation of Uber’s shares, according to people familiar with the matter. Some investors and observers say corporate breaches are becoming so routine that they shouldn’t weigh on a company’s valuation, though Uber’s string of controversies this year has given shareholders reason to question what’s next.