Organizational Cyber Data Breach Analysis of Facebook, Equifax, and Uber Cases

Data breaches are events that have concluded in the compromise of personally identifiable information (PII) for millions of people globally. The consequences of such events can only result in certain serious outcomes, including identity theft. Such perilous outcomes highlight the importance of organizational entities accurately safeguarding and preserving the PII gathered from stakeholders or consumers. The user data breaches of Facebook, Equifax, and Uber concluded in the compromise of PII data for millions of consumers and employees, which are the most critical aspects that comprise any organizational infrastructure. This paper will examine the events leading to and transpiring after the data breaches of Facebook, Equifax, and Uber. In addition, the collective impact on every organization and its various incident management procedures will be addressed.

Download Full-text

Cyber Security, Challenges, Some Practical Solutions

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19519 ◽

2019 ◽

pp. 79-87

Author(s):

Y. V. Sai Bharadwaj ◽

Sai Bhageerath Y. V ◽

Y.V.S.S.S.V. Prasada Rao

Keyword(s):

United States ◽

Cyber Security ◽

Identity Theft ◽

The United States ◽

Business Leaders ◽

Security Threat ◽

Data Breach ◽

Financial Access ◽

Data Breaches ◽

Security Challenges

Cybercrime continues to surge without a slowdown in sight. The cyber security threat continues to worsen. In the first half of 2018, the number of cyber breaches soared over 140% from a year earlier, leading to 33 billion compromised data records worldwide. Cyber Security news such as Marriott hack in Nov 2018 is dominating headlines and becoming a serious headache for business leaders. Malicious outsiders sparked more than half of the 944 breaches and accounted for roughly 80% of stolen, compromised or lost records. Identity theft continues to lead data breach types, but financial access incidents are escalating in severity as well. The United States continues to be the favorite target, and data breaches at major US enterprises continue to grab the headlines. In 2018, the most notable breaches have occurred at Adidas, FedEx, Jason’s Deli, Macy’s, Under Armour, Nordstrom’s and the most popular Facebook. [1].

Download Full-text

A Monte-Carlo Analysis of Monetary Impact of Mega Data Breaches

International Journal of Cyber Warfare and Terrorism ◽

10.4018/ijcwt.2021070105 ◽

2021 ◽

Vol 11 (3) ◽

pp. 58-81

Author(s):

Mustafa Canan ◽

Omer Ilker Poyraz ◽

Anthony Akil

Keyword(s):

Monte Carlo ◽

Monte Carlo Analysis ◽

Class Action ◽

Categorical Variables ◽

Data Breach ◽

Independent Variables ◽

Data Breaches ◽

Personally Identifiable Information ◽

Total Data ◽

The Cost

The monetary impact of mega data breaches has been a significant concern for enterprises. The study of data breach risk assessment is a necessity for organizations to have effective cybersecurity risk management. Due to the lack of available data, it is not easy to obtain a comprehensive understanding of the interactions among factors that affect the cost of mega data breaches. The Monte Carlo analysis results were used to explicate the interactions among independent variables and emerging patterns in the variation of the total data breach cost. The findings of this study are as follows: The total data breach cost varies significantly with personally identifiable information (PII) and sensitive personally identifiable information (SPII) with unique patterns. Second, SPII must be a separate independent variable. Third, the multilevel factorial interactions between SPII and the other independent variables elucidate subtle patterns in the total data breach cost variation. Fourth, class action lawsuit (CAL) categorical variables regulate the variation in the total data breach cost.

Download Full-text

More Than a Suspect: An Investigation into the Connection Between Data Breaches, Identity Theft, and Data Breach Notification Laws

Journal of Information Policy ◽

10.5325/jinfopoli.10.2020.0045 ◽

2020 ◽

Vol 10 ◽

pp. 45

Author(s):

Bisogni ◽

Asghari

Keyword(s):

Identity Theft ◽

Data Breach ◽

Data Breaches

Download Full-text

Cloud Data Breach Disclosures: the Consumer and their Personally Identifiable Information (PII)?

10.1109/21cw48944.2021.9532579 ◽

2021 ◽

Author(s):

David Kolevski ◽

Katina Michael ◽

Roba Abbas ◽

Mark Freeman

Keyword(s):

Data Breach ◽

Cloud Data ◽

Personally Identifiable Information

Download Full-text

Do data breach disclosure laws reduce identity theft?

Journal of Policy Analysis and Management ◽

10.1002/pam.20567 ◽

2011 ◽

Vol 30 (2) ◽

pp. 256-286 ◽

Cited By ~ 75

Author(s):

Sasha Romanosky ◽

Rahul Telang ◽

Alessandro Acquisti

Keyword(s):

Identity Theft ◽

Data Breach ◽

Disclosure Laws

Download Full-text

Three Essays on Corporate Financial Constraints

10.26686/wgtn.16917442 ◽

2021 ◽

Author(s):

◽

Kwabena Boasiako

Keyword(s):

Credit Risk ◽

Financial Markets ◽

The United States ◽

Data Breach ◽

Data Breaches ◽

The Third ◽

Financial Deregulation ◽

Disclosure Laws ◽

The Impact ◽

The U.S

This thesis is composed of three self-contained empirical essays in corporate finance, with the first two exploring the financial policy and credit risk implications of data breaches, and the third examining whether financing influences the sensitivity of cash and investment to asset tangibility. In the first essay, we contribute to the growing debate on cybersecurity risks and how firms can insulate themselves, at least partially, from the adverse effects of data breach risks. Specifically, we examine the effects of data breach disclosure laws and the subsequent disclosure of data breaches on the cash policies of corporations in the United States (U.S.). Exploiting a series of natural experiments regarding staggered state-level data breach disclosure laws, we find that the passage of mandatory disclosure laws leads to an increase in cash holdings. Our finding suggests that mandatory data breach disclosure laws increase the ex ante risks related to data breaches, hence, firms hold on to more cash as a precautionary motive. Further, we find firms that suffer data breaches adjust their financial policies by holding more cash as well as decreasing external finance and investment. The second essay examines the impact of data breaches on firm credit risk. Using firm-level credit ratings and credit default swap (CDS) spreads to proxy for credit risk, we find that data breaches lead to increases in firm credit risk. Firms exposed to data breaches are more likely to experience credit rating downgrades and an increase in the CDS spread of traded bonds. Also, firms who suffer data breaches report lower sales and ROA, experience an increase in financial distress, and conditional on a data breach incident, the likelihood of a future data breach increases. Lastly, these effects are magnified for firms with low-interest coverage ratios. In the third essay, using the financial deregulation of seasoned equity issuance in the U.S. as an exogenous shock to access to equity markets, I investigate the influence of financing on the sensitivity of cash and investment to asset tangibility. I show that financing dampens the sensitivity of cash and investment to asset tangibility and promotes investment and firm growth. This provides evidence that public firms even in well-developed financial markets such as the U.S., benefit from financial deregulation that removes barriers to external equity financing, shedding light on the role of financial markets in fostering growth.

Download Full-text

Reducing Cloud Data Breaches and Improving Data Security using Honey Encryption Algorithm

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k1253.09811s19 ◽

2019 ◽

Vol 8 (11S) ◽

pp. 1260-1264

Keyword(s):

Data Security ◽

Encryption Algorithm ◽

Secret Key ◽

Sensitive Data ◽

Data Breach ◽

Cloud Data ◽

Data Breaches ◽

Proposed Model ◽

Security Event ◽

Cloud Applications

Data security is the most predominant measure that should be followed in any organization to prevent uncertified access to user’s data. A data breach is a security event in which sensitive data is viewed, transmitted, stolen or used by an unauthorized individual. A number of breaches include compromised password files which reveal the passwords of millions of users in an organization. The paper is intended to identify such password breaches through honey encryption technique. Using the concept of honey words, each user has a list of sweet words corresponding to their account, out of which only one is original password and remaining are fake passwords. During Honey Encryption, Distribution-transforming encoder (DTE) is applied on the password to acquire the seed space which is then encrypted by using secret key. The proposed model can be efficiently implemented in cloud applications to highly reduce cloud data breaches.

Download Full-text

What to do after a data breach? Examining apology and compensation as response strategies for health service providers

Electronic Markets ◽

10.1007/s12525-021-00490-3 ◽

2021 ◽

Author(s):

Kristin Masuch ◽

Maike Greve ◽

Simon Trang

Keyword(s):

Health Service ◽

Health Services ◽

Service Providers ◽

Data Breach ◽

Data Breaches ◽

Response Strategies ◽

Customer Information ◽

Health Service Providers ◽

Recovery Strategies ◽

Fitness Tracker

AbstractInnovative IT-enabled health services promise tremendous benefits for customers and service providers alike. Simultaneously, health services by nature process sensitive customer information, and data breaches have become an everyday phenomenon. The challenge that health service providers face is to find effective recovery strategies after data breaches to retain customer trust and loyalty. We theorize and investigate how two widely applied recovery actions (namely apology and compensation) affect customer reactions after a data breach in the specific context of fitness trackers. Drawing on expectation confirmation theory, we argue that the recovery actions derived from practice, apology, and compensation address the assimilation-contrast model’s tolerance range and, thus, always lead to satisfaction with the recovery strategy, which positively influences customers’ behavior. We employ an experimental investigation and collect data from fitness tracker users during a running event. In the end, we found substantial support for our research model. Health service providers should determine specific customer expectations and align their data breach recovery strategies accordingly.

Download Full-text

The Effects of Service Crises and Recovery Resources on Market Reactions: An Event Study Analysis on Data Breach Announcements

Journal of Service Research ◽

10.1177/10946705211036944 ◽

2021 ◽

pp. 109467052110369

Author(s):

Shahin Rasoulian ◽

Yany Grégoire ◽

Renaud Legoux ◽

Sylvain Sénécal

Keyword(s):

Stock Returns ◽

Event Study ◽

Service Failure ◽

Financial Data ◽

Causal Process ◽

Study Analysis ◽

Data Breach ◽

Market Reactions ◽

Data Breaches ◽

Recovery Resources

Building on the literatures on service failure and crisis seriousness, we develop a framework to understand the effects of a specific type of service crisis (i.e., data breaches) and organizational recovery resources on the reactions of the stock market. To do so, we conduct an event study analysis with a sample of 217 data breach announcements, as our empirical context. Our analyses reveal that a firm suffers from negative abnormal stock returns when either the outcome of the breach (e.g., the breach of financial data) or its causal process (e.g., hacker attack) indicates a high level of seriousness. Moreover, considering organizational recovery resources, we find that in the case of financial data breaches, age, size, profitability, liquidity, and brand familiarity are the primary resources that can help a firm’s recovery. For hacker attacks, these organizational recovery resources include size, profitability, and liquidity.

Download Full-text