Abstract
AbstractMany companies face the risk of a data breach exposing stored personal information of customers and employees. The frequency of such incidents has been increasing over time and can result in significant costs for the affected firm. This article examines the stock market's assessment of the cost of data breaches at publicly traded companies in which personal information such as customer and/or employee data are exposed. Using event study methodology on a sample of 77 events between the beginning of 2004 and the end of 2006, we find that the overall effect of a data breach on shareholder wealth is negative and statistically significant. Based on a cross‐sectional analysis of the cumulative abnormal returns, we find a negative association between market reaction and firms that are less forthcoming about the details of the breach. We also find that firms with higher market‐to‐book ratios experience greater negative abnormal returns associated with a data breach. Further, we find that firm size and subsidiary status mitigate the negative effect of a data breach on the firm's stock price and that the negative market reaction to a data breach is more significant in the most recent time periods of the sample.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
