Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday May 17 2019, @01:04PM   Printer-friendly
from the you-don't-pay-your-money-[for-security]-you-take-your-chances dept.

After analyzing the top three breaches from the past three years, Bitglass found that in the aftermath of a data breach, a decrease in stock price was a notable repercussion identifiable for publicly traded companies.

The report, Kings of the Monster Breaches, identified the extensive damage done by improper security by looking specifically at the Marriott breach of 2018, the Equifax breach of 2017 and the Yahoo! breach of 2016. These top three breaches had a widespread impact on individuals, with a reported mean number of 257 million individuals directly affected by each breach.

Research also showed that these breaches have cost an average of $347 million in legal fees, penalties and remediation costs. "Marriott uncovered the breach while seeking GDPR compliance; the company is now being fined $912 million under the regulation," the report said.

[...] Publicly traded companies suffered an average drop of 7.5% in their stock values and a mean market cap loss of $5.4 billion per company, and it reportedly took 46 days, on average, for those stock prices to return to their pre-breach levels. To date, the stock price of Equifax has not yet recovered.

Source: InfoSecurity


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by MrGuy on Friday May 17 2019, @02:20PM (3 children)

    by MrGuy (1007) on Friday May 17 2019, @02:20PM (#844708)

    Companies' Stock Value Dropped 7.5% after Data Breaches

    Publicly traded companies suffered an average drop of 7.5% in their stock values and a mean market cap loss of $5.4 billion per company, and it reportedly took 46 days, on average, for those stock prices to return to their pre-breach levels. To date, the stock price of Equifax has not yet recovered.

    So, Equifax is an outlier (which is good, because what happened with them is really, really bad, and data is their ENTIRE business).

    But what what I take away is for consumer-facing companies, for whom data management isn't the core of their business, the penalties to the stock price and market value are basically non-existent.

    A drop of 7.5% is a large drop, and represents a lot of value. A permanent loss of 7.5% of the market value of a large company would represent a huge loss. But a drop of 7.5% for a month and a half, followed by a return to pre-breach levels, is basically equivalent to saying "there was no long term impact." It's NOTHING. Sure, a few short-term traders might have lost (or made) a lot of money, but anyone with a long-term position really was unaffected.

    • (Score: 0) by Anonymous Coward on Friday May 17 2019, @03:25PM (2 children)

      by Anonymous Coward on Friday May 17 2019, @03:25PM (#844738)

      1) Doing any kind of statistical analysis or picking outliers from three (3) points is insane.

      2) Of course the stock values will eventually rebound: inflation is a fact, more money is constantly being printed.

      • (Score: 2) by MrGuy on Friday May 17 2019, @05:09PM (1 child)

        by MrGuy (1007) on Friday May 17 2019, @05:09PM (#844777)

        Agree that so few data points is anecdotal evidence, not statistical in any way.

        That said, a recovery in 46 DAYS isn't "eventually rebounding due to inflation." It's the market effectively deciding "OK, we've moved on from that disclosure having any relevance to the long term value of your company." To me, the effect that's way more interesting than the one in the headline (stock prices drop on negative news!) is the relatively quick rebound.

        It also undercuts most of the conclusions of the article - "Companies will take note and change their behavior because the losses are huge!" If I were a corporation, I'd look at this and think "Investors react to negative news in the short term, but don't really care over the longer term about this kind of thing."

        • (Score: 2) by deimtee on Saturday May 18 2019, @03:34AM

          by deimtee (3272) on Saturday May 18 2019, @03:34AM (#844926) Journal

          It also undercuts most of the conclusions of the article - "Companies will take note and change their behavior because the losses are huge!" If I were a corporation, I'd look at this and think "Investors react to negative news in the short term, but don't really care over the longer term about this kind of thing."

          You are insufficiently cynical.

          Slightly cynical: "I'd look at this and think "Right after a data breach would be a good time to pick up some more stock.""

          Sufficiently cynical: "I want to buy some more stock. How do I organize a data breach."

          --
          If you cough while drinking cheap red wine it really cleans out your sinuses.
(1)