Cybersecurity Breach at a Big 4 Accounting Firm: Effects on Auditor Reputation

Author(s)

Barri Litt, Nova Southeastern UniversityFollow
Paul Tanyi, University of North Carolina
Marcia Weidenmier Watson, Trinity University

ORCID

0000-0001-7901-7339, 0000-0003-2288-8728,

Document Type

Article

Publication Title

The Journal of Information Systems

ISSN

0888-7985

Publication Date

6-1-2023

Abstract/Excerpt

Public company investors rely on the Big 4 audit firms to provide assurance over internal controls and financial reporting. What, then, would happen if one of these very assurance providers suffered its own cybersecurity breach? We examine such an event in the major data breach of Deloitte in 2017. Using U.S. data from 2014 to 2019, we find Deloitte suffered significant reputational damage postbreach. Specifically, audit clients and existing shareholders became less likely to approve of Deloitte as the company’s auditor. Deloitte also charged lower audit fees after the incident. Furthermore, Deloitte’s audit clients suffered significant negative market reactions postbreach. Our results suggest pervasive implications of cyberattacks on auditor reputation and support recent congressional efforts to expand regulation in this area.

DOI

10.2308/ISYS-2022-006

Volume

37

Issue

2

First Page

77

Last Page

100

NSUWorks Citation

Litt, Barri; Tanyi, Paul; and Weidenmier Watson, Marcia, "Cybersecurity Breach at a Big 4 Accounting Firm: Effects on Auditor Reputation" (2023). HCBE Faculty Articles. 1174.
https://nsuworks.nova.edu/hcbe_facarticles/1174