Abstract
The aim of this article is to investigate the impact of data breach severity on the readability of mandatory data breach notification letters. Using a content analysis approach to determine data breach severity attributes (measured by the total number of breached records, type of data accessed, the source of the data breach, and how the data were used), in conjunction with readability measures (reading complexity, numerical intensity, length of letter, word size, and unique words), 512 data breach incidents from 281 U.S. firms across the 2012–2015 period were examined. The results indicate that data breach severity has a positive impact on reading complexity, length of letter, word size, and unique words, and a negative impact on numerical terms. Interpreting the results collectively through the lens of impression management, it can be inferred that business managers may be attempting to obfuscate bad news associated with high data breach severity incidents by manipulating syntactical features of the data breach notification letters in a way that makes the message difficult for individuals to comprehend. The study contributes to the information studies and impression management behavior literatures by analyzing linguistic cues in notifications following a data breach incident.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of the Association for Information Science and Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
