How Mergers and Acquisitions Increase Data Breaches: A Complexity Perspective

Authors: Liang, Huigang; Srinivas, Santhosh; Xue, Yajiong

Journal: MIS Quarterly (2023)

DOI: 10.25300/misq/2023/17703

<jats:p>This study examines how the mergers and acquisitions (M&As) of a firm influence its number of data breaches. Drawing from complexity theory and matching theory, we propose that M&As increase data breaches and this effect is contingent on M&A diversity (dissimilarity between the parent and target firms). Based on the 18-year panel data (2004-2021) of 5,072 public firms in the United States, we find that more M&As by a firm lead to more data breaches. Moreover, we reveal that the number of data breaches increases even more when the parent and target firms operate in different business domains. This finding is confirmed when we operationalize M&A diversity as size discrepancy or a strategic type difference between the parent firm and the target firm (vertical vs. horizontal M&A). Furthermore, based on routine activity theory, we explore two additional moderating mechanisms through which M&As influence data breaches: M&A media publicity and target vulnerability. Our analyses demonstrate that M&As with higher media publicity experience more data breaches than those with lower media publicity, but counterintuitively, M&As involving a more vulnerable target firm lead to fewer dat…

View in Otero