{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,7]],"date-time":"2026-02-07T23:09:42Z","timestamp":1770505782980,"version":"3.49.0"},"reference-count":46,"publisher":"IGI Global","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,1,1]]},"abstract":"<p>Information security breaches pose a growing threat to organizations and individuals, particularly those that are heavily involved in e-business\/e-commerce. An information security breach can have wide-ranging impacts, including influencing the behaviors of competitors and vice versa within the context of a competitive marketplace. Therefore, there is a need for further exploration of implications of information security breaches beyond the focus of the breached firm. This study investigates the financial impact of publicly announced information security breaches on breached firms and their non-breached competitors. While controlling for size and the industry the firm operates in, the authors focus on specific types of information security breaches (Denial of Service, Website Defacement, Data Theft, and Data Corruption). Unlike previous studies that have used event study methodology, the authors investigate information transfer effects that result from information security breaches using the matched sampling method. The study reveals statistically significant evidence of the presence of intra-industry information transfer for some types of security breaches. The authors also found evidence of contagion effects, but no similar evidence concerning competition effect.<\/p>","DOI":"10.4018\/irmj.2012010102","type":"journal-article","created":{"date-parts":[[2012,1,13]],"date-time":"2012-01-13T15:27:58Z","timestamp":1326468478000},"page":"21-37","source":"Crossref","is-referenced-by-count":21,"title":["Financial Impact of Information Security Breaches on Breached Firms and their Non-Breached Competitors"],"prefix":"10.4018","volume":"25","author":[{"given":"Humayun","family":"Zafar","sequence":"first","affiliation":[{"name":"Kennesaw State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Myung","family":"Ko","sequence":"additional","affiliation":[{"name":"The University of Texas at San Antonio, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kweku-Muata","family":"Osei-Bryson","sequence":"additional","affiliation":[{"name":"Virginia Commonwealth University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"2432","reference":[{"key":"irmj.2012010102-0","unstructured":"Acquisti, A., Friedman, A., & Telang, R. (2006). Is there a cost to privacy breaches? An event study. Paper presented at the 27th International Conference on Information Systems, Milwaukee, WI."},{"key":"irmj.2012010102-1","doi-asserted-by":"publisher","DOI":"10.1086\/296203"},{"key":"irmj.2012010102-2","doi-asserted-by":"publisher","DOI":"10.2307\/2978933"},{"key":"irmj.2012010102-3","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2006.01.020"},{"key":"irmj.2012010102-4","doi-asserted-by":"crossref","first-page":"684","DOI":"10.17705\/1CAIS.01246","article-title":"An analysis of the growth of computer and Internet security breaches.","volume":"12","author":"K.Bagchi","year":"2003","journal-title":"Communications of the Association for Information Systems"},{"key":"irmj.2012010102-5","doi-asserted-by":"publisher","DOI":"10.1016\/0304-405X(96)84701-5"},{"key":"irmj.2012010102-6","unstructured":"Bardram, J. E. (2003). Hospitals of the future\u2013ubiquitous computing support for medical work in hospitals. Paper presented at the Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (Ubicomp 2003), Seattle, WA."},{"key":"irmj.2012010102-7","doi-asserted-by":"publisher","DOI":"10.1145\/162124.162127"},{"key":"irmj.2012010102-8","doi-asserted-by":"publisher","DOI":"10.1145\/332051.332079"},{"key":"irmj.2012010102-9","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.49.2.197.12741"},{"key":"irmj.2012010102-10","doi-asserted-by":"publisher","DOI":"10.2307\/3250983"},{"key":"irmj.2012010102-11","author":"A.Biesada","year":"2008","journal-title":"Hoover\u2019s Handbook of American business"},{"issue":"3","key":"irmj.2012010102-12","doi-asserted-by":"crossref","first-page":"431","DOI":"10.3233\/JCS-2003-11308","article-title":"The economic cost of publicly announced information security breaches: Empirical evidence from the stock market.","volume":"11","author":"K.Campbell","year":"2003","journal-title":"Journal of Computer Security"},{"issue":"1","key":"irmj.2012010102-13","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1080\/10864415.2004.11044320","article-title":"The effect of internet security breach announcements on market value: Capital market reactions for breached firms and internet security developers.","volume":"9","author":"H.Cavusoglu","year":"2004","journal-title":"International Journal of Electronic Commerce"},{"key":"irmj.2012010102-14","unstructured":"Claburn, T. (2009). Heartland Payment Systems Hit by Data Security Breach. Retrieved April 2, 2009, from http:\/\/www.informationweek.com\/news\/security\/attacks\/showArticle.jhtml?articleID=212901505"},{"key":"irmj.2012010102-15","doi-asserted-by":"publisher","DOI":"10.1016\/0165-4101(87)90018-8"},{"key":"irmj.2012010102-16","unstructured":"Coroama, V., & R\u00f6thenbacher, F. (2003). The Chatty Environment\u2013providing everyday independence to the visually impaired. Paper presented at the Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (Ubicomp 2003)."},{"key":"irmj.2012010102-17","doi-asserted-by":"publisher","DOI":"10.1016\/j.jom.2006.09.001"},{"key":"irmj.2012010102-18","doi-asserted-by":"publisher","DOI":"10.1046\/j.1365-2575.2001.00099.x"},{"key":"irmj.2012010102-19","doi-asserted-by":"publisher","DOI":"10.2308\/jis.2003.17.2.71"},{"key":"irmj.2012010102-20","unstructured":"Floerkemeier, C., & Siegemund, F. (2003). Improving the effectiveness of medical treatment with pervasive computing technologies. Paper presented at the Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (Ubicomp 2003), Seattle, WA."},{"key":"irmj.2012010102-21","doi-asserted-by":"publisher","DOI":"10.1016\/0165-4101(81)90003-3"},{"key":"irmj.2012010102-22","doi-asserted-by":"publisher","DOI":"10.1111\/j.1540-6296.2010.01178.x"},{"key":"irmj.2012010102-23","unstructured":"Helal, S., Giraldo, C., Kaddoura, Y., Lee, C., El Zabadani, H., & Mann, W. (2003). Smart phone based cognitive assistant. Paper presented at the Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (Ubicomp 2003), Seattle, WA."},{"key":"irmj.2012010102-24","doi-asserted-by":"publisher","DOI":"10.2307\/249475"},{"key":"irmj.2012010102-25","doi-asserted-by":"publisher","DOI":"10.1201\/1086\/44530.13.3.20040701\/83067.5"},{"key":"irmj.2012010102-26","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2009.7"},{"key":"irmj.2012010102-27","doi-asserted-by":"publisher","DOI":"10.1016\/S1467-0895(03)00008-3"},{"key":"irmj.2012010102-28","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2011.01.010"},{"key":"irmj.2012010102-29","doi-asserted-by":"publisher","DOI":"10.1111\/j.1475-679X.2008.00297.x"},{"issue":"2","key":"irmj.2012010102-30","first-page":"13","article-title":"The impact of information security breaches on financial performance of the breached firms: an empirical investigation.","volume":"17","author":"M.Ko","year":"2006","journal-title":"Journal of Information Technology Management"},{"key":"irmj.2012010102-31","doi-asserted-by":"publisher","DOI":"10.4018\/irmj.2009040101"},{"key":"irmj.2012010102-32","unstructured":"Mills, E. (2009). Cybercrime cost firms $1 trillion globally. Retrieved September 25, 2009, from http:\/\/news.cnet.com\/8301-1009_3-10152246-83.html"},{"key":"irmj.2012010102-33","doi-asserted-by":"crossref","unstructured":"Mynatt, E. D., Essa, I., & Rogers, W. (2000). Increasing the opportunities for aging in place. In Proceedings of ACM Conference on Universal Usability (pp. 65-71).","DOI":"10.1145\/355460.355475"},{"key":"irmj.2012010102-34","doi-asserted-by":"publisher","DOI":"10.2308\/jis.2004.18.2.79"},{"key":"irmj.2012010102-35","doi-asserted-by":"publisher","DOI":"10.1016\/j.jbankfin.2005.03.001"},{"key":"irmj.2012010102-36","unstructured":"Ponemon Institute. (2010). 2010 Annual Study: U.S. Cost of a Data Breach. Retrieved April 20, 2011, from http:\/\/www.symantec.com\/content\/en\/us\/about\/media\/pdfs\/symantec_ponemon_data_breach_costs_report.pdf"},{"key":"irmj.2012010102-37","unstructured":"Rehak, J. (2002). Tylenol made a hero of Johnson & Johnson: The recall that started them all. Retrieved October 1, 2009, from http:\/\/www.nytimes.com\/2002\/03\/23\/your-money\/23iht-mjj_ed3_.html"},{"key":"irmj.2012010102-38","first-page":"1","article-title":"CSI computer crime and security survey.","volume":"1","author":"R.Richardson","year":"2008","journal-title":"Computer Security Institute"},{"key":"irmj.2012010102-39","unstructured":"Riddell, K. (2011). Security-Breach Costs Climb 7% to $7.2 Million per Incident. Retrieved May 10, 2011, from http:\/\/www.bloomberg.com\/news\/print\/2011-03-08\/security-breach-costs-climb-7-to-7-2-million-per-incident.html"},{"key":"irmj.2012010102-40","unstructured":"Shen, R. (2008). The Role of Analysts in Intra-industry Information Transfer. Retrieved May 10, 2011, from http:\/\/www.ckgsb.com\/userfiles\/doc\/ck_faculty_researchSeminar_10.pdf"},{"key":"irmj.2012010102-41","doi-asserted-by":"publisher","DOI":"10.1057\/palgrave.ejis.3000537"},{"key":"irmj.2012010102-42","doi-asserted-by":"publisher","DOI":"10.1109\/MPRV.2002.1012332"},{"key":"irmj.2012010102-43","doi-asserted-by":"publisher","DOI":"10.2307\/249307"},{"key":"irmj.2012010102-44","doi-asserted-by":"publisher","DOI":"10.2307\/2329002"},{"key":"irmj.2012010102-45","doi-asserted-by":"crossref","first-page":"258","DOI":"10.17705\/1CAIS.01217","article-title":"The WOSP model: Balanced information system design and evaluation.","volume":"12","author":"B.Whitworth","year":"2003","journal-title":"Communications of the Association for Information Systems"}],"container-title":["Information Resources Management Journal"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=61419","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T03:46:46Z","timestamp":1654141606000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/irmj.2012010102"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2012,1,1]]},"references-count":46,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2012,1]]}},"URL":"https:\/\/doi.org\/10.4018\/irmj.2012010102","relation":{},"ISSN":["1040-1628","1533-7979"],"issn-type":[{"value":"1040-1628","type":"print"},{"value":"1533-7979","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,1,1]]}}}