Concurrent with the increase in organizations’ reliance on IT systems for conducting business with their consumers and partners, there have been increases in the risk and instances of security breaches of IT systems. As a result, a large body of research has been conducted to study the financial consequences of such security breaches in general and stock market reactions using the event study methodology in particular. Notwithstanding the significant contributions of the extant studies on the topic, inconsistencies could be observed about the existence and magnitude of shareholders’ reactions to announcements of security breaches by firms. As such, this paper addresses this gap through a meta-analysis of 63 studies (with a total of 20,936 instances of security breach announcements). The results suggest that a significant relationship exists between announcements of security breach and a drop in the experiencing firms’ stock returns. In addition, this relationship is impacted by the type of security breach, time of the security breach event, the country in which the experiencing firms operate, and the size of those firms.

在组织越来越依赖 IT 系统与消费者和合作伙伴开展业务的同时，IT 系统安全漏洞的风险和实例也在增加。因此，已经进行了大量研究，以研究此类安全漏洞的总体财务后果以及特别使用事件研究方法的股票市场反应。尽管关于该主题的现有研究做出了重大贡献，但在股东对公司安全漏洞公告的反应的存在和程度方面，可以观察到不一致的情况。因此，本文通过对 63 项研究（共有 20,936 个安全漏洞公告实例）的荟萃分析解决了这一差距。结果表明，安全漏洞公告与经验丰富的公司股票回报率下降之间存在显着关系。此外，这种关系还受到安全漏洞类型、安全漏洞事件发生时间、所涉公司运营所在国家以及这些公司规模的影响。