Does Value Drop After A Data Breach

The June issue of Compliance and Ethics Professional has a brief but interesting article by Sally March titled Are you confident it’s confidential? One of the references in the article cites the Ponemon Institute report “Reputation Impact of a Data Breach”. This is an older report from 2011, but we can examine the findings and determine the accuracy of the claims.

The study surveyed 843 senior-level individuals with deep expertise and knowledge about their organization’s brand and reputation management objectives.

We asked individuals participating in our study to estimate the economic value of their organizations’ corporate brand or reputation. The responses ranged from a value of less than $1 million to more than $10 billion. Using an extrapolation method we determined the average value of reputation or brand image for the organizations participating in the study – which is estimated as $1.56 billion. Depending upon the type of information lost as a result of the breach, the average loss in the value of the brand ranged from $184 million to more than $332 million

The results are extrapolated which means they are estimated, but that will allow us to see if the persons surveyed were correct in their assumptions. Table 1. Calculus on the economic impact of reputation decline from data breach states that Diminished value resulting from a data breach of customer data is 21% while Diminished value resulting from a data breach of employee data is 12% while Diminished value resulting from a data breach of IP data is 18%.

Based on what we know in our previous studies of company valuation after a data breach these numbers do not sound correct which would mean that the impact is being overestimated. For our purposes we will look at equity performance since the data breach of several high profile companies with high profile data breaches. The change in consumer sentiment will be felt on the Income Statement which will be reflected through the stock price. We believe this is a more realistic way to determine economic impact as US markets are liquid and efficient.

Below are selected stock charts from TGT, HD, and SNE starting from the time their data breaches were reported in the news to the present day. We will also examine LL which experienced a dangerous consumer products scandal, broke by Case Capital Management that was aired on 60 Minutes to compare real world consumer harm vs. virtual consumer harm with regard to company performance.





We can distill the information provided by the stock charts down to the equity that was affected by the event, the stock price on the day of the event, the current stock price, and the change in value. As we can see the companies suffering from a consumer data breach experienced an average increase in value of 24%. While the company that experienced a real world hazard has decreased by 79%.

Equity Day Of Event Current Day Change
TGT 63.76 78.03 22%
HD 91.15 117.5 29%
SNE 21.63 25.87 20%
LL 69.99 14.90 79%

Conclusion: The estimates in the Ponemon report of a 21% decrease in economic value. We do not see this reflected in equity prices as valuations have increased since the event. We believe that the economic impact of consumer data breaches is overstated as consumer sentiment has not shifted to a degree that has an effect on earnings. It is likely that the personnel surveyed had overestimated the impact due to marketing material produced by the Information Security Industrial Complex. The impact to many corporations have been mitigated by Cyber Insurance (TGT, HD) or by CapEx and other cost reduction measures brought on by Shareholder Activists (SNE). Shareholder Activists and executives should reevaluate spending priorities in light of the current trends in equity performance after a data breach event.

Efficient Markets in Security

We have a question from #DTsR listener @fsmontenegero regarding security and efficient market hypothesis. That is a very broad topic that could go in many different directions, and the ambiguous answer is one that people are sure to dislike.

Efficient Markets Hypothesis (EMH) via Investopedia:

…defined as a theory that it is impossible to beat the market because stock market efficiency causes existing share prices to always incorporate and reflect all relevant information. According to the EMH, stocks always trade at their fair value on stock exchanges, making it impossible for investors to either purchase undervalued stocks or sell stocks for inflated prices. As such, it should be impossible to outperform the overall market through expert stock selection or market timing, and that the only way an investor can possibly obtain higher returns is by purchasing riskier investments.


I’m not a fan of EMH for the same reasons I’m not a fan of the economic theory of perfect competition. Generally speaking many of these theories and hypothesis were invented as an unrealistic baseline. Why would anyone want to do that? My Finance II professor had a nice simple explanation. There are so many variables in the world it’s difficult to compare one company to another. We use many different theories and hypotheses to create an apples-to-apples or even playing field to compare Company A to Company B. We then add real world variables to help determine which one is the better company. We also have to realize that Investor A may be more concerned with double bottom line efficiency, while Investor B may care about triple bottom line corporate social responsibility. Once you get past a few variables you can come to different conclusions.

Another interesting fact from class is that with all the financial professionals and their predictive models the best you can hope for is to get it right 60% of the time. A coin toss has a 50% chance of winning so why spend all this time and money on financial engineering and forecasting? It turns out that 10% is huge so it’s definitely worth the effort. The lesson here is small percentages have big effects so don’t thumb your nose at 1%. 1% better than you were yesterday is better than 0%. You can take this to anything beyond finance as well. 1% improvement in this iteration of your anti-bribery, infosec, environmental, or other programs is a win. Iterate often and don’t give in to managers who say we need to show 5% improvement before beginning your next iteration because you’re likely to iterate only once or twice per year. If you get 1% 12x per year that’s a better payoff.

There is also another angle to everyone knowing the same thing. It does no good unless you act on it. This is a lesson learned from Tom Sosnoff, founder of ThinkOrSwim (now part of TDAmeritrade) and Every stock market pundit can say what they want. For example, I think the US Dollar is going to continue to decline over the next 3 years due to Quantitative Easing and the debt the Government has taken out. Well, that’s great what kind of trade are you going to put on and why? Information needs to be insightful and actionable. Otherwise you’re just talking on CNBC or you’re the guest columnist of the week in SC Magazine or CISO Online. If you watch any of Tom’s shows they always have a trade to go with a hypothesis.

To illustrate the failure of EMH we can look at many of the recent hacks such as $TGT. The intruders something about $TGT that they didn’t know. We do not have an efficient market here because one side knows more than the other. Based on what was reported there has been speculation that $TGT had a team that notified another team who didn’t respond. If we follow this scenario we have two different levels of knowledge on one side with a different level on another side. Definitely not equal. Then when we look at actionable information, the hackers were taking action against $TGT while their response teams were still in the dark.

Let’s also take a look at EMH from the investor’s point of view. Until we tested our hypothesis of shorting the equities of hacked companies many people in the Infosec world made the mistake contributing to echo chamber that hacked companies were going to $0 just like the political doomsayers state that the USD is going to $0 because of Federal Reserve money printing and the debt load the US is carrying. If you were to take action on those (bad) assumptions would be down $45,000 in our simulated portfolio of hacked stocks. The same would have happened if you had bet long on EUR/USD. If you were to have placed a $100,000 bet on the dollar going down the day after President Obama was reelected, you would have had to put up $2,276.30 in collateral to borrow $100,000 from your broker and you would be down $17,000 on your $2,200 bet. As a matter of fact the whole notion that the USD was going to $0 was a fantasy, much like hacked companies going to $0. The reality hurts the wallet big time. There’s a saying, markets can remain irrational longer than you can remain solvent. If you had bet against the USD since the election you would have lost more money than you had put up on the wager.

When FX Trades Go Wrong


When you panic sell on news of a hacking there will always be someone there to #BTFD. If investors did know everything the big funds know, then they wouldn’t be selling and the buying pressure would be lower because there would not be a discount from selling. EMH and other theories are excellent in a classroom setting, but quickly fall apart once you enter the real world. Not everyone can know everything, but do your research and put the research to the test and you will be victorious. All strategies need to be insightful and actionable. Some people have the insightful part down, we all need to work on the actionable.

Target Continues to Conquer All

Black Friday is back and the retail sector is better this year.  According to reports Target (NYSE: TGT) sales figures are up 40% over last year. Consumers really did not care about the hacking last year, and this continues to prove that such events are largely forgotten and do not influence consumer behavior.

As we can see investor confidence is higher than last year. TGT is now above the resistance of 73.50 from 7/22/2013 on the weekly chart. We are likely to see a continuation if the new support level holds.


Correlation Between Hackers and Target Stock Performance

Every retail CEO is blaming the weather for the poor sales.  We all know that Target (NYSE:TGT) had a bad holiday because of hackers and not the weather, right?  Well now Wal-Mart (NYSE:WMT) blew up their numbers and they’re saying it was the weather too.  How is this possible?  Obviously the hackers must have scared everyone away from Wal-Mart as well.  There is absolutely no way it could be the Polar Vortex, right?

What if there is some connection between hackers and the weather?  If we look at recent happenings in San Francisco, we can see that the street signs have been hacked saying San Francisco is closed because it’s too damn hot.  It is obvious that hackers like cold weather. We should have seen this before since they invaded Target through a HVAC company. This is all the proof we need to know that the hackers were behind the poor earnings at Target because they made off with the credit card numbers and created the Polar Vortex.   This blows up our previous study of data because we weren’t counting on hackers being able to control the weather.

We have absolutely tied hackers to the destruction of the entire retail sector.  If hackers aren’t behind the Polar Vortex and poor retail performance then there is only one other possibility.


Target Data Breach Not A Disaster

Everybody loves a good hacking because it spells doom for the target in question.  In this case the target in question is Target.  We’re going to delve into the financials and see that once again a hacking is no big deal.

First we will compare Target (NYSE:TGT) (green line) to the SPDR Retail Sector ETF (NYSE:XRT) (blue line) so we can see the huge divergence between the retail sector as a whole and how poorly TGT has done since the hack.  The first thing we notice is that TGT has under performed the bucket of other stocks that make up the retail sector.  When picking single stocks vs. a broad ETF that is bound to happen.  Next we notice that the ups and downs are about the same.  This tells us that there’s no major comparative difference to the stock price during the time period when the breach was announced in September.


Next we’ll take a look at TGT during the December shopping season.  Everyone in the infosec community jumped on the bandwagon that their sales were off because of the breach.  Just look at that drop!  It was obviously caused by the hackers, right?


Wal-Mart (NYSE:WMT) must have the same problem if we look at December – January.


When we dig into XRT for the same time period we see an almost identical wave pattern.   What this suggests is that everybody in retail had a rough winter, not just TGT.


The weather is why the entire retail sector is down.  Well, every sector is down because of the weather.  That’s the trendy thing that CEOs are blaming the bad Q4 and Q1 results on.  Unless the hackers have a bot net that can control the weather we can attribute TGT and everyone else’s ills to the Polar Vortex.

The other thing that we need to consider that huge gap up when TGT announced earnings.  That’s a 7% move in a single day.  They posted 81 cents per share profit vs. 79 cents consensus.  Revenue came in at $21.5B vs. consensus of $21.45B.  In other words, Wall St. already accounted for the potential downside and priced it in.    The impact was rather minor considering that they had incurred $61M in expenses but were covered by a $44M insurance policy for a net loss due to the breach of $17M.  Yes, the impact is minor.  We can tell this since the IV% in TGT is currently 25% while the IV% of XRT is 51%.  There is a lot more concern over downside in the retail sector as a whole than there is in TGT.

Will consumer behavior change as a result of incidents like this?  Unlikely.  TGT made a brilliant move by having the We’re Sorry Save 10% This Saturday Sale the week of the breach.  Many savvy consumers went shopping, your Dearest Leader included.  Who can say no to a 10% off sale?  Everyone I know walked away with a deal and no stolen numbers.  Taking a gamble to get a deal is what you have to do.  You have to buy in before they do.  You have to buy the dip.

The thing security professionals and the writers at all the trade publications need to understand about consumer behavior is a sale is something that everyone in a bad economy will chase after.  Most people have more than one credit card.  They can always use a different card until a replacement arrives if the numbers are compromised. Consumers are not legally responsible for the bill if fraud does occur.  That makes it the bank’s problem, and most people don’t care about the banks since that mess some of them caused with the housing market.   What exactly is the tragedy that all of the industry publications are writing about?  Either way the breach is the least of the bank’s worries, especially if your name is Citi.

Once again we have another data breach that causes a company to beat EPS, while life for everyone goes on.  There is some economic impact, but it’s spread among insurance companies, card processors, issuing banks and retailers.  The risk is shared among the sellers and the buyers have no risk at all.  Everyone on Wall St. knows that these kind of incidents are nothing compared to disasters such as the Polar Vortex or a large oil spill in the Gulf of Mexico.  Until the magnitude gets to be that large these events will be a nuisance rather than a disaster.

TGT Loses Payment Card Info Resulting In A Dip

After the breaking news over at KrebsOnSecurity that Target (NYSE:TGT) has been impacted by a payment card breach it is time once again to look for a dip to buy.  The low point at approximately $61 matches up with some decent support and resistance levels from 1Q13.  TGT is riskier than other sectors due to the retail environment at this time of year.  Any attempt to buy the dip should be done close to $61 with a very tight stop.  Any general bad news from the retail sector could blow this trade up.  Low trading volumes from the financial industry taking vacation could also cause large price swings in either direction. Short Put Verticals are not the best for this, though an ATM Long Call Vertical will give about 50/50 odds over the next week.



Update: We decided to go with a weekly 62/63 Long Call Vertical.  Closing out one day before expiration gets about a net 18.00 per contract.