Data breach and identity thefts have dramatically increased in scope and scale in recent years, arousing serious concerns of digital privacy and security. For example, the data breach of Home Depot in 2014 has involved 109 million records. 

Though mass media attention has focused on those data breaches, little is known about how customers behave after being informed of those adverse events. One of the biggest obstacles in this field of research is lack of data. Previous research occasionally utilized survey to identify customer behaviour towards the data breach. However, the emotion or attitude the customers expressed during the survey may not actually reflect his real shopping behaviour. He may feel unsatisfied about the data breach and claim not buying from that company, but in reality, he may choose to stay with this company. 

The PNC center data provides a unique opportunity to answer this question. Over the last few years, many large data breaches have taken place (HomeDepot, Target, JC Penney and so on). Many users in PNC dataset are possible customers of these retailers. Looking at the transactions (both credit and debit card) record over a period of time, we should be able to infer how users responded to data breaches at these large (or even small) retailers. Do users switch to competitors? Does the effect last only a short period of time? Do new customersless likely to transact? 

We believe this data will provide a unique opportunity to investigate this question which has large policy and academic relevance but has little empirical research to show for. The large data also allows us to possibly estimate heterogeneous response to see how is more affected. It will also provide some clue into how both retailers and the bank and take pre-emptive actions to alleviate potential user churn.

Rahul Telang