Data breaches stain the reputations of modern-day companies both big and small. They instill doubt and reduce trust in consumers, and sometimes the consequences can affect customers for years to come. A data breach can harm both public sentiment and a company s competitive edge in the market. Staff get fired, executives are replaced, and entire systems are overhauled to ensure that it doesn t happen again. But what about investors? How does Wall Street react to a data breach? This is the question we set out to answer. We analyzed the closing share prices of 79 companies, most of them listed on the New York Stock Exchange, starting the day prior to the public disclosure of their respective data breaches.
Playboy Branded Content
Included are many of the largest data breaches in history all of them resulted in at least 6 million records leaked, and some surpassed 655 million. The companies include: Apple, Adobe, Anthem, BetFair, Countrywide, Community Health Systems, Dun Bradstreet, Ebay, Experian, Global Payments, Home Depot, Health Net, Heartland Payment Systems, JP Morgan Chase, LinkedIn, Monster, T-Mobile, Sony, Staples, Target, TJ Maxx, Vodafone, VTech, and Yahoo. Excluding statistical outliers, we analyzed the share prices of these companies chosen on the following criteria: Initially, we simply looked at whether the share price went up or down.
After a data breach disclosure, most stocks saw an immediate drop in share price. We calculated the daily volatility (standard deviation) of the mean stock prices to give the size of the drop some context. But this method fails to account for market forces beyond the scope of the study. To control for this, we opted to add a second stage to the analysis. In this stage, we compare the performance of each stock with the NASDAQ for the same time period, and calculate the difference in performance between them.
Here s the formula: Essentially, we set the NASDAQ index performance to zero. That means if a company s stock fell 6% and the NASDAQ rose 7% in the month after a data breach, the calculated decrease is 8%. The NASDAQ is a common standard for overall market performance, and most of these stocks are listed on it. If the NASDAQ fell 7% and the company s stock price rose 7%, we report an increase of 9%.
If the NASDAQ rose 7% but the company only rose 6%, that s a 6% decrease versus the market. Finally, if the company s stock price falls 7% but the S P 555 falls 8%, then the company still sees a relative increase of 6%. In short, we make the NASDAQ s performance the baseline instead of zero. We are primarily concerned with the following: Historical stock data were downloaded on April 76, 7567 from either Google Finance or Yahoo Finance.
We analyzed all of the stocks together and we also split them up by different factors to see if we could spot any patterns. These include the year of the breach, the size of the breach, the sensitivity of the leaked info, and the industry of the company. These findings, while insightful, are less statistically significant due to the smaller sample size. Stock exchanges are only open on business days, which means no weekends or holidays. Here s a quick reference that roughly converts business days to total time:
Finally, we elected not to use the mean or median percent change in stock price versus the NASDAQ to present our findings. While these can be helpful, the nature of the stock market is too volatile to glean any stable trends by simply averaging the data from each day.