-FINANCIAL IMPACT OF CYBERATTACKS ON BANKS: AN EVENT STUDY APPROACH

This dissertation examines the financial impact of cyberattacks on the stock prices of U.S. banks, addressing the central question of how these incidents influence market reactions and whether the timing aligns with the semi-strong form of market efficiency, while also exploring variations by breach type and severity. With cyberattacks posing escalating threats to financial stability, U.S. banks face a significant share of global financial cyberattacks (IMF, 2024), underscoring the urgency to understand market responses. The study analyses incidents over a decade-long period, utilizing an event study methodology combined with regression analysis. Data from the Privacy Rights Clearinghouse and Yahoo Finance stock prices were processed using Python scripts to calculate abnormal returns over event windows, with t-tests and regressions assessing significance and variation by breach characteristics. The findings reveal a significant positive Average Abnormal Return on the event day for all incidents, suggesting initial investor optimism, yet an insignificant Cumulative Average Abnormal Return over both windows, indicating no sustained impact. High-impact incidents show a delayed negative Cumulative Average Abnormal Return over the longer window, challenging semi-strong efficiency due to lagged reactions. Breach type analysis highlights significant immediate reactions for disclosures, while firm size and breach history influence outcomes, with larger banks experiencing stronger negative effects. These results contribute to market efficiency literature by revealing information processing delays and offer practical insights for banks to enhance cybersecurity and disclosure practices. Future research could explore international contexts or media sentiment. This study fills a gap in recent U.S. bank-focused analyses, providing a foundation for improved risk management and policy development in the financial sector.