October 19, 2018

Prof. Shuili DU, Peter T. Paul College of Business and Economics


Title: The Socially Irresponsible Side of Data Breach: Can Corporate Social Responsibility Shield the Breached Firm?

Abstract: Data security breaches are becoming increasingly common, yet the research results are mixed regarding the losses and damages caused by data breaches. Using Weiner’s (1986) attribution theory and its four dimensions (locus of causality, controllability, stability, and severity) as the overarching framework, we identify and categorize the contextual variables that underlie investors’ attributions of a data breach. We further examine the role of corporate social responsibility (CSR) in mitigating investors’ negative reactions toward a data breach. Using panel data, this research finds that the market reacts more negatively if a breach incident is more severe or occurs at a firm that consistently demonstrates irresponsible behaviors, possibly because breaches with such characteristics trigger higher (ir)responsibility attributions by the stakeholders and their resultant anger and propensity to boycott the breached firms. On the other hand, the market reacts less negatively when a breach occurs at a firm with a high level of CSR. Furthermore, CSR also significantly lessens the negative effect of investors’ (ir)responsibility attributions (severity, stability, locus of cause) on the market value of the breached firm. We end with a discussion of the implications of these findings for theory and practice.