Yahoo’s 2014 massive data breach, made public only two months after Verizon announced its plans to acquire Yahoo for $4.83 billion, highlights the necessity for proper cybersecurity due diligence in advance of an acquisition, and for the acquiring company to account for an undetected breach as part of the value of the transaction. There probably needs to be “a little more cybersecurity homework done before pulling the trigger on an acquisition. We hope this situation brings that conversation to the forefront,” Milan Patel, a managing director in K2 Intelligence’s cyber defense practice, told the Cybersecurity Law Report. In this article, with insight from attorneys and technical consultants, we examine current contingencies in Verizon’s deal with Yahoo and detail steps companies should be taking to identify and mitigate cyber risk through due diligence and how to structure a deal to account for those potential risks. See “Tackling Cybersecurity and Data Privacy Issues in Mergers and Acquisitions (Part One of Two)” (Sep. 16, 2015); Part Two (Sep. 30, 2015).