BreachExchange mailing list archives
Do Data Breaches Really Matter for Retailers?
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 30 Jun 2015 19:24:29 -0600
http://www.investopedia.com/articles/markets/063015/do-data-breaches-really-matter-retailers.asp Fifteen-percent of consumers stopped shopping at a retailer that had suffered from a data breach, according to a CNBC poll. This is an important number because, in theory, it has the potential to lead to declining revenue. The percentage of people who claimed to stop shopping at a specific retailer is even higher (25%) when the consumer was an actual victim. Payment methods are also a factor because people who pay with cash tend to spend 10-20% less. This is likely because they can see the money leaving their possession and it’s immediate. With a debit card or credit card, a consumer doesn’t feel as though he or she is suffering an immediate loss of funds, and with a credit card, there cost isn’t realized until a later date. (For more, see: Cybercrime the Newest National Threat.) According to the study, 25% of consumers changed their payment method at a specific retailer after learning about a data breach. If that consumer was a victim of the data breach, that percentage is much higher at 50%, with 60% of that group opting to use cash. The study concluded that while data breaches might not matter to stock prices, they do matter to consumers, which can then impact revenue. However, that doesn’t seem to be the case over the long haul. There are two potential reasons for this explanation, with evidence provided below. One, the study sampling was too small (1,060 consumers). Two, consumers were upset about the data breach and exaggerated their survey responses. (For more, see: Most Costly Computer Hacks of All Time.) Big Data Breaches The first big data breach took place back in 2007 with The TJX Companies, Inc. (TJX). This company is best known for Marshalls, T.J. Maxx and HomeGoods, which are off-price retailers (they offer 20%-60% off traditional retailer and discount store prices). In an economic environment featuring a hesitant consumer (excluding the high-end consumer), this is a perfect match. The stock has been on fire since 2007, and it has appreciated over 30% over the past 12 months as of June 29, 2015. It also has a 1.30% dividend yield. The debt-to-equity ratio is low at 0.38, and there is only a 0.80% short position on the stock. Nobody is thinking about the TJX Companies data breach. (For more, see:Top 6 Most Profitable Clothing Retailers.) Next up is Target Corp. (TGT). Target has had some challenges in recent years. On top of its well-publicized 2013 data breach, it had to close up shop north of the border, which cost the company approximately $5 billion. Fortunately for Target, CVS Health Corporation (CVS) is acquiring its in-store pharmacies for $1.9 billion. And while Target reported a loss last year, its revenue still increased. The stock has also appreciated by 45.74% and yields 2.70%. Additionally, Target’s debt-to-equity ratio is respectable at 0.90. Overall, everything appears to be copacetic. Let’s not forget about The Home Depot, Inc. (HD) which suffered a data breach last year. However, revenue and net income increased in Home Depot’s last fiscal year, the stock has appreciated oer 42% over the past 12 months and the stock currently yields 2.10%. Home Depot does have a debt-to-equity ratio of 1.83, which is relatively high. However, as the 30-year fixed rate moves higher — now at 4.14% — homebuyers are rushing to buy prior to those rates continuing their ascent. This should lead to near-term high demand for products related to home décor and improvement, which should be good news for Home Depot in the near future. (For more, see: Home Depot's Profitability: The Unvarnished Truth.) The Bottom Line In theory, data breaches matter for retailers. In reality, they only have a short-term impact on the underlying business and stock price. If anything, any stock price drops related to a data breach can lead to a buying opportunity — assuming it’s a quality retailer like one of the three listed above.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Do Data Breaches Really Matter for Retailers? Audrey McNeil (Jul 09)