M&A and Privacy: Assessing a Target Company’s Data Security Hygiene
Data privacy, cybersecurity, and data breach risks are important due diligence issues in mergers and acquisitions. Unfortunately, discovering security problems and breaches post-acquisition is all too common.
According to one report, more than a third (40%) of acquiring companies said they discovered a cybersecurity problem post-acquisition. The most notable: Verizon’s discovery of a prior data breach at Yahoo!, which led to a $350 million reduction in the purchase price, and Yahoo!’s $35 million payment in penalties to settle with the SEC and an additional $80 million to settle with unhappy shareholders.
In a post-Verizon/Yahoo! world, how can an acquirer effectively assess the data security hygiene of the target? Karen Bromberg and Kwaku Andoh (Partners at Cohen & Gresser) help you understand what to look for (and what questions to ask) when assessing a target company’s data security hygiene in an M&A transaction.
You may also like...
DISCLAIMER: Because of the generality of this material, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.