Glasswasherparts.com_.pdf (dojmt.gov)

Economic Theories:

• Rational Choice (individuals/businesses make choices in their best interest) – The company refrained from notifying customers so that the investigation could move forward, which probably prevented customers from leaving the business sooner after hearing that their information had been leaked. Additionally, the hackers decided to invest in malware which led to them breaching this company.
• Classical Economic – Classical economic theory places importance on property rights and the protection of individuals’ assets. Customers’ personal information, including payment card details, is deemed their property in the context of the data breach. The breach is a violation of these property rights, and the letter explains the efforts being taken to correct the situation and further protect consumer information.

Social Science Theories:

• Routine Activities (Any crime requires three things: motivated offender, lack of capable guardianship, suitable target) – In this scenario, the breach has all three factors of this theory. The company and its database were the suitable target, the absence of proper security served as a lack of capable guardianship, and the hackers who planted the malware clearly had motivations for going through with the attack.
• Deterrence – By informing the customers of the breach, doing so may spread awareness to other hackers who may have been planning on conducting a similar attack and prevent them from doing so. Additionally, this notification may serve as a warning to other customers reminding them to limit the information that they share with certain businesses.