Ah, I’m having flashbacks to the days when some of us debated whether the TJ Maxx breach would have any significant impact and how could we determine impact.
Bruce Schneier cites a research report,“Long-term market implications of data breaches, not,” by Russell Lange and Eric W. Burger.
From key findings:
- While the difference in stock price between the sampled breached companies and their peers was negative (1.13%) in the first 3 days following announcement of a breach, by the 14th day the return difference had rebounded to + 0.05%, and on average remained positive through the period assessed.
- For the differences in the breached companies’ betas and the beta of their peer sets, the differences in the means of 8 months pre-breach versus post-breach was not meaningful at 90, 180, and 360 day post-breach periods.
Read more on Security Boulevard.