Effects of data breaches from user-generated content: A corporate reputation analysis

Abstract

A threat for a growing number of firms in various industries is the occurrence of different breaches of sensitive corporate data. These critical events represent vulnerability for firms' corporate reputations, whose multiple dimensions are affected by customers negative perceptions in various ways. Further, in the Industry 4.0 era, the redundancy of scandals on social media can exacerbate negative effects. This paper reports an investigation into the effects of data breaches on corporate reputation dimensions. In this context, the study conducted latent Dirichlet allocation analysis on social media user-generated content (UGC) for a sample of 35 firms in nine industries that suffered a data breach incident between 2013 and 2016. Incidents have been categorized into three categories: “intentional and internal,” “unintentional and internal,” and “intentional and external” data breaches. The aim of the study was to discover how reputational dimensions changed after these critical events and to identify the differences among the types of data breaches.Results reveal that after critical events, more reputational dimensions appear to be relevant. While before critical events, users typically discuss the “perceived quality” of a firm's offer, after all three types of data breaches, users also pay attention to “customer orientation” and “corporate performance” dimensions. Another key reputation dimension, especially after intentional and internal data breaches, is the “firm as employer,” particularly in the context of a lack of investment in training regarding these events.These findings provide key insights for academics and practitioners to understand large-scale data breaches effects and reputational drawbacks after such incidents.