Data Breaches occur in many forms that include bad security practices, hacking, insider attacks, stolen or lost equipment and computer or data theft. Data breaches happen to organizations of all types. In this paper, we present an analysis of the stock market’s assessment of the cost of data breaches through the examination of 467 heterogeneous data breach events that occurred at 261 publicly traded companies between year 2005 and 2014. Our event study findings indicate that publicly traded firms in the U.S. lost, on average, .37% of their equity value when a data breach occurs. Particularly, we find that breaches resulting from payment card fraud contributed more to negative announcement returns than the other breach types. Such negative announcement effects are most heavily felt when firms with card breaches are larger than the average, resulting in a 3% decline in firm equity value. Contrary to previous studies, we find that repeated breaches do not impact firm stock value differently than first-time-breaches. However, we find that there is a high correlation between firm sizeand the existence of multiple, repeat, data breaches. This implies that large firms hit by a data breach are more likely to experience subsequent breaches than small firms.
CITATION STYLE
Johnson, M., Kang, M. J., & Lawson, T. (2017). Stock Price Reaction to Data Breaches. Journal of Finance Issues, 16(2), 1–13. https://doi.org/10.58886/jfi.v16i2.2263
Mendeley helps you to discover research relevant for your work.