Sage Journals: Discover world-class research

Abstract

This study analyses the short-term market effect of CrowdStrike IT outage in the 100 largest worldwide listed hotel companies. Using an event study methodology, the paper analyses how hotel companies are penalized by the market to the biggest IT disruption in history. Our results evidence a statistically significant negative reaction around the event date. This result is explained by the adverse impact caused by IT failures in the hotel’s business operations (reservation, payment, technical systems) and supply chain processes, which result in financial losses. We also observe a highest negative stock market reaction for hotel companies located in Western countries and for hotels with a low cyber risk rating. Finally, this study identifies hotel-specific characteristics that drive value during an IT outage. The research evidence that larger and more profitable hotel companies, with lower leverage and higher cyber risk ratings are more resilient to the adverse effects of IT outages.

Keywords

abnormal returns crowdstrike IT outage hotels event study G12 G14

Introduction

The cybersecurity firm CrowdStrike reported on 19 July, 2024, a flaw in its Falcon Sensor security software that caused widespread problems for Microsoft Windows computers using this software. Thus, around 8.5 million systems experienced crashes and were unable to restart, marking the major outage in information technology history.¹ The estimated financial damage worldwide is $10 billion.²

In recent years, investments in technology triggered by digital transformation mean that one of the threats to which the hotel industry is exposed is technological outages (Arcuri et al., 2020; Demir and Demir, 2024; Rasoulian et al., 2023). According to the authors, the collapse of technological systems (outage or cyberattack) can instantly stop businesses’ production and service delivery capacity, leading to significant financial losses. Unlike natural disasters that primarily affect the places where they occur, IT outages negatively affect the global scale.

In this study, we investigate the short-term effects caused by CrowdStrike IT outage on the largest listed worldwide hotel companies. Two recent studies analysed the effects caused by the CrowdStrike IT outage on the tourism and aviation industries. Demir and Demir (2024) analysed tourism-related news on websites and conducted interviews with tourism professionals to analyse the effect of the CrowdStrike IT outage on the tourism industry. Grebe et al. (2024) utilized the event study methodology in the aviation industry to evidence that the unexpected CrowdStrike IT outage resulted in short-term negative abnormal returns. This research differs from the previous in two ways: first, to our best knowledge, it is the first study that analyse the effect of CrowdStrike IT outage on the largest listed worldwide hotel companies; second, it extends the literature by adding new determinants of abnormal returns, such as location and cyber risk rating, not covered in previous studies.

Therefore, our research fills a critical gap in the understanding of the short-term market impact of CrowdStrike IT outage on hotel companies. It is the first study that analyse the impact caused by the largest IT outage in history on worldwide hotel companies, highlighting the hotel-specific characteristics that emerge as value drivers around IT failures.

By employing the event study methodology focused on the 100 major publicly listed hotels worldwide, we show a statistically significant negative stock price reaction for hotel companies associated with the CrowdStrike IT outage date. This finding underscores the sensitivity of hotel stock prices to external IT disruptions, highlighting the importance of robust technological resilience in the industry. Our results also evidence a highest negative stock market reaction for hotel companies located in Western countries and those with a low cyber risk rating (classified in terms of cyber risk in the “basic” category). Finally, this study reveals which specific characteristics of hotel companies act as value drivers during IT outages. The research evidence that larger, more profitable, higher cyber risk ratings and lower leverage hotel companies are more resilient to adverse effects caused by IT outages.

Impact of IT outages on the market value of hotel companies

In the hospitality industry, there has been an increase in investment in technology, with a clear focus on digital transformation and automation, which are referred to as valuable resources that strengthen competitive advantage by improving customer relationship management, integrating supply chains, integrating business processes (Ray et al., 2004), and thus improving operational efficiency (e.g., Bharadwaj et al., 2009; Demir and Demir, 2024).

A recent systematic review of the economic impacts of information and communication technologies (ICTs) in the tourism and hospitality industry (Lin et al., 2024), reveals the existence of economic positive impacts of ICTs in terms of performance (financial and operational), operational efficiency (e.g., cost reduction and operation time saving), and market (e.g., popularity and reputation). According to the authors, ICTs contribute to financial performance with contributions to financial metrics, such as sales volume, revenue, and gross operation income. ICT can also contribute to increasing the operational efficiency of hotels, through the facilitation of internal processes (e.g., Esparza-Aguilar et al., 2016) and back-of-house operational efficiency by reducing the time spent on repetitive tasks (e.g., Alrawadieh et al., 2021) and allowing employees to focus more on important tasks as ICTs can automate routine tasks (e.g., Melián-González and Bulchand-Gidumal, 2016). Finally, there may be market-related benefits, with ICTs enhancing the firms’ market share (e.g., Horng et al., 2022), as well as the aspects of customer behaviour influenced by these technologies (e.g., Liu et al., 2022).

However, when technologies fail, there are significant disruptions in the hotel’s business operations. The recent outage of CrowdStrike demonstrated this, with hotel managers mentioning that “hotels are unable to do everything from taking payments to making room keys.”³ The literature focuses on the existence of significant losses resulting from the direct costs involved in repairing the crashed system, along with losses resulting from lower sales revenues and lower productivity (Anthony et al., 2006; Arcuri et al., 2020; Bharadwaj et al., 2009; Demir and Demir, 2024). IT failures also cause important indirect costs for hotels, such as loss of stakeholder trust and confidence, worsened reputation, and brand damage (Arcuri et al., 2020; Bharadwaj et al., 2009; Kamiya et al., 2021).

Despite the importance of studying the impact of IT outages on the stock market, empirical studies that address this issue are scarce. Anthony et al. (2006) examine how stock prices react to announcements of website outages and find a significant negative impact of website outages on a firm’s stock prices, whose negative impact is greater for firms with high earnings through internet business. Bharadwaj et al. (2009) investigate the effects of unexpected operating or implementation-related IT failures on firms’ market value. Their findings evidence that IT failures lead to a decline of 2% in average cumulative abnormal returns (CARs) around a 2-day event window. Benaroch et al. (2012) study the short-term market effects of IT operational risks. As explained by the authors, “IT operational risk is any threat to the integrity, confidentiality, or availability of data of IT assets” (p. 360). According to the authors, the literature has mainly focused on confidentiality events, and empirical studies analysing the consequences of the availability of IT operational risk events are practically non-existent. The authors employ the event study methodology to show that firms encountering availability IT operational risk events tend to experience notably greater negative abnormal returns than those dealing with integrity or confidentiality events.

They conclude that investors perceive availability events as indicating the presence of more severe IT control weaknesses compared to those highlighted by confidentiality and integrity events. They conclude that investors recognize availability events as signalling the presence of more severe IT control weaknesses compared to those signalled by confidentiality and integrity events. Wang et al. (2023) employ event study methodology to study how online exposure to service failures impacts hotel revenue. The authors find that online exposure has a significant negative impact on hotel stock prices, which take mainly 9 months to fully recover. Finally, Grebe et al. (2024) analyse the short-term market effects of the unexpected CrowdStrike IT outage in the aviation industry. They find abnormal negative returns around the event date, and a quick recovery within a week.

There is, however, a broader set of empirical studies in the literature that analyse the effect caused by cyberattacks (largely focused on confidentiality events). Among the various empirical studies, we begin by mentioning the studies of Johnson et al. (2018) and Arcuri et al. (2020), that analyse the impact of cyberattacks on the stock market in the hospitality industry. The authors find negative abnormal returns of −0.043% (Arcuri et al., 2020) and −1.24% (Johnson et al., 2018) in the 3-day time window around cyberattack announcements. These findings align with the conclusions obtained by Spanos and Angelis (2016) and Ali et al. (2021) through their systematic literature review. Ali et al. (2021) highlighted that 75% of studies on information security events show significant negative CARs and that such effects are mainly observed within 2 days before and after the event date. Lastly, Kamiya et al. (2021)’s landmark empirical study about the stock market impact of cyberattacks and find that cyberattacks that don’t result in the loss of personal financial information tend to have a minimal adverse impact on shareholder wealth.

The main objective of this research is to analyse the short-term market effect of major outages in the history of information technology (CrowdStrike IT outage) on the 100 largest listed worldwide hotel companies. Therefore, our research hypothesis is the following:

Null Hypothesis (H₀): The CrowdStrike IT outage doesn’t affect the short-term market value of hotel companies.

Additionally, we are also interested in finding out if the location and hotel’s cyber risk rating affect the abnormal returns around the IT outage. It is expected that the negative effects caused by the CrowdStrike IT outage are greater for hotel companies located in Western countries – CrowdStrike primarily serves customers in Western countries, and many Asian countries, like China, have developed their own operating systems, anti-virus platforms and payment systems to reduce reliance on Windows and associated products⁴ and for firms with a low cyber risk rating - these firms tend not to have robust contingency plans and cybersecurity measures to enhance resilience and reduce vulnerability to future disruptions (e.g., Demir et al., 2023), and as such they are more exposed to adverse effects provoked by these events.

Finally, we also investigate which specific characteristics of hotel companies serve as value drivers during an IT outage.

Data and methodology

We collect data from different sources to use in the event study. The hotel companies’ stock returns and country benchmark indices were selected from Eikon Refinitiv. Control variables used in the cross-section analysis were obtained from ORBIS. For the collection of the largest firms, we chose the 100 major worldwide listed hotel companies based on their market capitalization. The distribution of hotel companies by country is shown in Table 1. The US, India, Hong Kong, China, and Singapore have 23, 10, 9, 6, and 6 listed hotel companies, respectively, making them the most represented countries.

Table 1.

Listed hotel companies by country.

Distribution by countries
Country	# Hotels
Australia	2
China	6
Croatia	4
Egypt	1
France	2
Greece	1
Hong Kong	9
India	10
Indonesia	2
Ireland	1
Israel	3
Japan	4
Kuwait	1
Malaysia	4
Mexico	1
Netherlands	1
Nigeria	1
Philippines	1
Singapore	6
South Africa	2
Spain	2
Sweden	3
Taiwan	2
Thailand	2
UAE	2
UK	4
US	23

This table shows the 100 largest listed worldwide hotel companies by country. “# Hotels” means the number of listed hotel companies.

To evaluate the research hypothesis presented in the preceding section, we apply the standard abnormal return (ARs) technique based on the market model.⁵ The market model ARs are measured as the residual returns from estimating the following regression equation:

E (R_{i, t}) = α + β R_{m, t} + ε_{i, t}

(1)where, E (R_it) is the expected rate of return of hotel company i on the trading day t; R_mt refers to the observed return of stock market index (benchmark index) on the trading day t; α_i and β_i are the regression coefficients of the daily rate of return of hotel company i and the market rate of return, respectively. e_it refers to the error term.

We use the event date of July 19, 2024, to calculate the abnormal returns. ARs are obtained by the difference between the observed returns of hotel company i on day t (R_it) and the expected return generated by the market model E (R_it), as follows:

{A R}_{i t} = R_{i t} - E (R_{i t})

(2)

The event date is nominated as day t = 0. As in Kamiya et al. (2021), the abnormal returns (ARs) are estimated around an estimation window of 220 trading days. Figure 1 illustrates the timeline of the events used to compute the ARs. By accumulating the abnormal returns around a specific time interval, we compute the ARs using the following specification:

C A R [t_{1}, t_{2}] = \sum_{t_{1}}^{t_{2}} {A R}_{t}

(3)

Figure 1.

Event timeline. The figure illustrated the event timeline used to compute ARs around the CrowdStrike IT outage for the largest 100 listed worldwide hotel companies.

We examine seven distinct time intervals for the CARs: [−1, 1], [−1, 5], [−1, 10], [0, 2], [0, 3], [0, 5] and [0, 10]. Finally, for each time interval, we calculate the cumulative average abnormal returns (CAARs) using the following specification:

C A A R [t_{1}, t_{2}] = 1 / N \sum_{t_{1}}^{t_{2}} {C A R}_{[t 1, t 2]}

(4)where, N represents the sample size of the sample (in this case, N = 100).

Regarding the analysis of abnormal returns differences between hotel companies based on the location (Asia vs non-Asia) and cyber risk rating, we calculate the CAARs and their differences for each portfolio. The statistical significance of the differences obtained for the portfolios is analysed based on a two-sample z-test.

Finally, we apply Ordinary Least Squares (OLS) to estimate if hotel characteristics affect the differences in abnormal returns among distinct hotel companies, following the specified model:

{C A R}_{i} = β_{0} + β_{1} \ln ({S I Z E}_{i}) + β_{2} {L E V}_{i} + β_{3} {L I Q}_{i} + β_{4} {R O A}_{i} + β_{5} {I N S T}_{i} + β_{6} \ln ({A G E}_{i}) + β_{7} {H E A D_D}_{i} + β_{8} \ln ({C Y B_R}_{i}) + ε_{i}

(5)where CAR_i is the cumulative abnormal returns for hotel company i around the CrowdStrike IT outage for time windows [−1; 1] and [−1; 5]. Table 2 presents the control variables utilized in the cross-sectional analysis. Recent event studies on the stock market impact caused by cyber-attacks use these same control variables (e.g., Kamiya et al., 2021; Rasoulian et al., 2023).

Table 2.

Determinants of CARs: definition of variables and expected relationships.

Variable	Notation	Measure	Author(s)	Expected effect
Size	SIZE	Natural logarithm of market capitalization in USD	Anthony et al. (2006); Kamiya et al. (2021); Rasoulian et al. (2023)	+/−/No
Leverage	LEV	Ratio of total liabilities to total assets (%)	Kamiya et al. (2021); Rasoulian et al. (2023)	−/No
Liquidity	LIQ	Ratio of current assets to total assets (%)	Kamiya et al. (2021); Rasoulian et al. (2023)	+/No
Profitability	ROA	Ratio of operating income to total average assets (%)	Kamiya et al. (2021); Rasoulian et al. (2023)	+/No
Institutional ownership	INST	Percentage of a company’s stock that is held by institutional investors (%)	Kamiya et al. (2021)	−/No
Firm age	AGE	Natural logarithm of the number of years that have passed since the hotel was founded	Kamiya et al. (2021); Rasoulian et al. (2023)	+/−/No
Firm headquarters dummy	HEAD_D	Dummy variable that takes the value of one if the hotel company headquarters is located in Asia, and 0 otherwise		+
Cyber risk rating	CYB_R	Cyber risk rating for each hotel company based on the cyber risk model defined by ORBIS (natural logarithm). Cyber risk categories range from 250 (basic) to 900 (advanced).	Aldasoro et al. (2020)	+

This table displays the notation, definitions, and expected effect of explanatory variables in equation (5) on the hotel’s cumulative abnormal returns (CARs). “No” means the absence of a statistically significant effect.

According to Murphy et al. (2009), the size of hotel companies (SIZE), by capturing the effects of economies of scale and reputation, proves to be important in the recovery of hotels after a crisis event. Larger hotel companies can allocate more tangible resources and employees to resolve the crisis. Furthermore, from a reputational perspective, larger hotel companies with solid brand names may more easily counter the percentual damage of a crisis compared to smaller hotel companies (Rasoulian et al., 2023). LEV, LIQ and ROA variables are proxies for hotel companies’ accessibility to financial resources that allow them to fulfil their short and long-term obligations. In the context of a crisis, the possession of solid financial resources and profitability can buffer the pressure of a crisis (e.g., Wiklund et al., 2010). According to the authors, leverage, liquidity, and profitability are among the most currently used indicators of a firms’ financial solidity. Following Boehmer and Kelley (2009) and La Porta et al. (2002), we include in the cross-sectional analysis a variable related to institutional ownership (INST). Institutional investors tend to be better informed than other market participants, and they may interpret the IT outage as a high-risk event, reducing the weight of their investment in this industry. Regarding firm age (AGE), Rasoulian et al. (2023) argue that older firms tend to have a higher experience, resources, and capabilities, which make them better equipped to face environmental changes and organisational crises. Thornhill and Amit (2003) argue that older firms show a greater inability to adapt to environmental changes. HEAD_D is included in order to test the different repercussions of the IT outage at a regional level. Finally, according to Aldasoro et al. (2020), higher levels of IT spending effectively protect firms from the negative repercussions of IT disasters. For this reason, the variable CYB_R was included in the analysis. Descriptive statistics are in Panel 2 of Table 3.

Table 3.

Descriptive statistics of CARs, explanatory variables and ARs tests.

Variable	Mean	SD	25^th perc.	Median	75^th perc.	θ₁	τ₁
Panel 1: all sample
CAR [−1, 1]	−0.899%	2.902%	−2.794%	−0.669%.	0.704%	0.040**	0.041**
CAR [−1, 5]	−1.413%	4.770%	−3.957%	−1.495%	1.643%	0.045**	0.049**
CAR [−1, 10]	−3.690%	7.739%	−6.714%	−3.223%	0.377%	0.012**	0.015**
CAR [0, 2]	−0.444%	2.725%	−1.988%	−0.433%	0.786%	0.087*	0.090*
CAR [0, 3]	−0.514%	3.351%	−2.401%	−0.698%	0.974%	0.096*	0.099*
CAR [0, 5]	−0.831%	4.160%	−2.373%	−0.367%	1.540%	0.089*	0.092*
CAR [0, 10]	−2.846%	7.139%	−6.180%	−2.536%	1.650%	0.043**	0.047**
Panel 2: control variables – all sample
SIZE	$4,066 mL	$13,643 mL	$258 mL	$956 mL	$3991 mL
LEV	61.88%	28.58%	39.18%	62.60%	78.13%
LIQ	23.98%	16.51%	11.53%	19.43%	31.07%
ROA	6.90%	9.26%	2.71%	6.15%	10.92%
INST	32.45%	36.68%	2.78%	16.78%	54.13%
AGE	50.03	38.92	24	41	61
HEAD_D	49.00%	49.99%	0	0	1
CYB_R	672.70	85.37	620	690	740

This table offers descriptive statistics of cumulative abnormal returns (CARs) and explanatory variables, as well as the outcomes from tests on abnormal returns. The firm-specific variables are computed from accounting data based in the prior year-end. These explanatory variables are defined on Table 2. θ₁ and τ₁ are the p-value of t test statistics and Corrado rank test statistics, respectively, based on Brown and Warner (1980) and Corrado (1989) (see more details in Serra, 2004). ***, ** and * means statistical significance at the 1%, 5% and 10% level, respectively.

Results

Abnormal returns

Table 3 shows evidence of the hotel companies’ CARs around the CrowdStrike IT outage. The results show a statistically significant negative reaction in stock price to the announcement for the seven-time intervals. The table presents CARs of −0.899%, −1.413%, −3.690%, −0.444%, −0.514%, −0.831% and −2.846% for the time window [−1; 1], [−1; 5], [−1; 10], [0; 2], [0; 3], [0; 5], and [0; 10], respectively. The parametric (t test) and non-parametric (Corrado rank test) tests show that there is a level of statistical significance of at least 10%. These results provide strong evidence for rejecting the null hypothesis, indicating that abnormal returns do indeed exist, aligning with preceding empirical studies that found negative abnormal returns around IT operational risk events. The tourism and hospitality industry has a heavy reliance on digital technologies for booking, customer service, and operational management purposes (Demir and Demir, 2024). IT disruptions negatively affect supply chain processes, from human resources management to customer relationship management and stakeholders (Demir et al., 2023). CrowdStrike IT outage, given the scale of its impacts, not only on hotels but on other tourism operators, particularly in aviation (Grebe et al., 2024), resulted in cancellations of consumer reservations, outage of travel plans, and a general decrease in customer satisfaction. In short, CrowdStrike IT outage negatively affected the hotel’s operations and external reputation, potentially leading investors to doubt the hotel’s ability to meet growth and revenue targets.

We also examine the differences in stock market returns between different regions (Asia vs. Western countries) and hotel companies’ cyber risk ratings. Table 4 presents the results. Regarding the market reaction to hotel companies’ location, Panel 1 of Table 4 shows the existence of two distinct patterns in terms of CAARs behaviour. In the case of Asian hotel companies, except for the event window [−1; 10], the CAARs are not statistically significant. On the contrary, hotel companies located in Western countries present negative and statistically significant CAARs. Our results also evidence the existence of statistically significant regional differences. The main reason why Asian hotel companies have not been affected by IT outages is because few businesses in the region are CrowdStrike customers. Finally, the results in Panel 2 of Table 4 evidence a statistically significant negative stock market reaction for hotel companies with a lower cybersecurity rating and the lack of a statistically significant impact for hotel companies with a high cybersecurity rating (except for the event window [−1; 10]). Differences in cyber risk rating across the four event windows reveal statistically significant at 5%. Our results show that the investments made by hotel companies in cybersecurity systems allowed them to mitigate the negative effects caused by CrowdStrike IT outage. This pattern of market price behaviour is in accordance with the financial literature, which reveals that higher expenditure in IT is linked to a decrease in future costs related to cyber incidents (Aldasoro et al., 2022).

Table 4.

Hotel companies’ CAARs by location and cyber risk rating and difference test for CAARs.

			[−1; +1]	[0; +2]	[−1; +5]	[−1; +10]
	# Firms
Panel 1: Hotel companies’ location (Asia vs non-Asia)
Asia	51	CAAR	0.549%	0.245%	−0.120%	−2.143%
		θ ₁	0.273	0.282	0.418	0.093*
		τ ₁	0.298	0.276	0.432	0.097*
Non-asia	49	CAAR	−1.642%	−0.961%	−2.035%	−4.852%
		θ ₁	0.020**	0.044**	0.039**	0.017**
		τ ₁	0.024**	0.048**	0.037**	0.020**
Difference		CAAR	2.191%	1.207%	1.915%	2.709%
Difference		z-test (p-value)	.027**	.048**	.034**	.028**
Panel 2: Cyber risk rating
Above the sample median	50	CAAR	−0.289%	0.078%	−0.143%	−2.629%
		θ ₁	0.375	0.476	0.403	0.088*
		τ ₁	0.387	0.484	0.399	0.091*
Below the sample median	50	CAAR	−2.108%	−1.165%	−1.683%	−4.751%
		θ ₁	0.013**	0.040**	0.045**	0.009***
		τ ₁	0.016**	0.038**	0.047**	0.011**
Difference		CAAR	1.819%	1.243%	1.540%	2.122%
Difference		z-test (p-value)	.034**	.047**	.044**	.047**

This table offers the hotel companies’ cumulative average abnormal returns (CAARs) around the CrowdStrike IT outage and the differences analysis in the CAARs for two hotel companies subsamples: (i) hotel companies whose headquarters are located in Asia versus hotel companies whose headquarters are no located in Asia (Western countries) (Panel 1) and (ii) in terms of its cyber risk rating, with above and below of the sample median (Panel 2). The CAARs were computed with the market model (MM) and the daily returns for four different time windows [−1; +1]; [0; +2]; [−1; +5] and [−1; +10] around the CrowdStrike IT outage. θ₁ and τ₁ are the p-value t test statistics and Corrado rank test statistics, respectively, based on Brown and Warner (1980) and Corrado (1989) (see more details in Serra, 2004). A two-sample z-test is used to compute the significance of the differences in CAARs. ***, ** and * means statistical significance at the 1%, 5% and 10% level, respectively.

Cross-sectional analysis

We also examine the cross-section effects of hotel-specific characteristics variables on CARs around the CrowdStrike IT outage date. Table 5 shows the results from regression estimation. The findings show that larger and more profitable hotel companies, with better cyber risk ratings and lower leverage, are more resilient to adverse effects caused by IT outages.

Table 5.

Cross-sectional analysis.

	CAR [−1; 1]	CAR [−1; 5]
Constant	−0.542 (−0.709)	−0.354 (−0.457)
Ln (SIZE)	0.011* (1.830)	0.013* (1.911)
LEV	−0.057* (−1.930)	−0.069** (−2.000)
LIQ	−0.010 (−0.220)	−0.002 (−0.036)
ROA	0.099** (2.170)	0.149* (1.685)
INST	−0.029 (−1.274)	−0.030 (−1.322)
Ln (AGE)	0.004 (0.364)	0.003 (0.265)
HEAD_D	0.032** (2.390)	0.043** (2.411)
Ln (CYB_R)	0.161*** (2.939)	0.179*** (2.821)
# Obs.	100	100
Adj. R²	0.337	0.361

This table offers the cross-sectional estimation for the 100 largest listed hotel companies CARs’ around the CrowdStrike IT outage. The dependent variables are the hotel’s CARs for two different time windows: [−1; +1] and [−1; +5], computed using the market model (MM). The firm-specific and explanatory variables are computed from accounting data based in the prior year-end. These explanatory variables are defined on Table 2. ***, ** and * means statistical significance at the 1%, 5% and 10% level, respectively. Standard errors adjusted for heteroskedasticity and clustering at the country level are reported in parentheses. # Obs. denotes the number of observations used in the estimation.

From a reputational perspective, larger hotel companies with strong brand names and resources tend to recover more easily from an IT outage. This reputational advantage is likely to lessen the effects of losses experienced by worldwide large hotel companies (Murphy et al., 2009; Rasoulian et al., 2023). Additionally, the literature reveals that hotel companies with low levels of debt and a high capacity to generate profits tend to have the financial resources to recover from the negative effects caused by IT outages/crises more easily (Kamiya et al., 2021; Rasoulian et al., 2023). Regarding the AGE and INST control variables, we did not find evidence of statistical significance. As previously mentioned, older firms have advantages (higher experience, resources, and capabilities) but also disadvantages (greater inability to adapt to environmental changes) in terms of resilience to the negative impacts caused by IT disruptions. In the case of INST variable, the lack of statistical significance can be explained by the benefit of diversification. Institutional investors can mitigate or eliminate the risk resulting from an IT outage with well-diversified investment portfolios. Finally, the cross-section estimation corroborates the existence of more negative CARs for hotel companies located in Western countries and with a lower cybersecurity rating.

Concluding remarks

This research examines the short-term market effect of CrowdStrike IT outage in the 100 major listed worldwide hotel companies. The results evidence that hotel companies experienced statistically significant negative abnormal returns around the event date. While IT technologies enhance a hotel company’s operational efficiency, its failures tend to have an adverse impact on the hotel companies’ business operations, supply chain processes, and stakeholders’ confidence, which results in financial losses. Our analyses also reveal the existence of a strong negative stock market reaction for hotel companies placed in Western countries and for hotel companies with a low cyber risk rating. Finally, this study offers insights into the hotel characteristics that serve as value drivers during an IT outage. The study evidences that hotel companies with larger capitalization, higher profitability, elevated cyber risk rating, and lower leverage are more resilient to adverse effects caused by IT outages.

These results reveal that hospitality businesses must balance their investments in IT technology and digital transformation with the need for robust contingency planning and cybersecurity investments to increase resilience and reduce vulnerabilities to future IT outages.

While this research provides insightful implications, it is important to keep in mind its limitations, which may open new avenues for future research. First, like most event studies, our results only address the short-term market reaction to the CrowdStrike IT outage. Consequently, an analysis of the long-term effects in terms of returns and volatility of hotel companies could be of interest. Second, our study may be limited by its context-specific findings, which might not be generalisable across other tourism and hospitality sectors. As highlighted by Demir and Demir (2024), the unique characteristics of the tourism and hospitality industry, such as its high reliance on technology for booking, customer service, and operational management, may not fully represent other sectors with different technological dependencies and resilience capabilities. Future studies should extend the investigation to other tourism and hospitality sectors to validate and expand the empirical and theoretical implications of IT disruptions.

Footnotes

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This paper is financed by Portuguese national funds through FCT – Fundação para a Ciência e a Tecnologia, I.P., projects numbers UIDB/00685/2020 & UID00685 CEEAplA | University of Madeira (António Martins); UIDB/04007/2020 (Susana Cró) and UNIAG, UIDB/04752/2020 and UIDP/04752/2020 (Nuno Moutinho).

ORCID iD

António Miguel Martins

Notes

Author biographies

Bruno Albuquerque is a Master Student in Management at the Faculty of Social Sciences in the University of Madeira (Portugal).

Susana Cró is an Assistant Professor at School of Social Sciences in the University of Évora, Portugal. Her current research activities include crisis and disasters management, security and safety in tourism industry, performance measurement and management in hospitality and tourism.

Nuno Moutinho is an Assistant Professor at the Instituto Politécnico de Bragança (Portugal). He has a PhD in Management awarded by the University of Porto, Portugal. The current research interests include corporate governance, accounting, auditing, tourism management and asset pricing.

António Martins is an Assistant Professor at the Faculty of Social Sciences in the University of Madeira (Portugal). The current research interests include crisis and disasters management, security and safety in tourism industry, performance measurement and management in hospitality and tourism, finance, and real estate management.

References

Aldasoro

Gambacorta

Giudici

, et al. (2022) The drivers of cyber risk. Journal of Financial Stability 60: 100989.

Ali

SEA

Lai

Dominic

PDD

, et al. (2021) Stock market reactions to favorable and unfavorable information security events: a systematic literature review. Computers & Security 110: 102451.

Alrawadieh

Cetin

(2021) Digital transformation and revenue management: evidence from the hotel industry. Tourism Economics 27(2): 328–345.

Anthony

Choi

Grabski

(2006) Market reaction to e-commerce impairments evidenced by website outages. International Journal of Accounting Information Systems 7(2): 60–78.

Arcuri

Gai

Ielasi

, et al. (2020) Cyber attacks on hospitality sector: stock market reaction. Journal of Hospitality and Tourism Technology 11(2): 277–290.

Benaroch

Chernobai

Goldstein

(2012) An internal control perspective on the market value consequences of IT operational risk events. International Journal of Accounting Information Systems 13(4): 357–381.

Bharadwaj

Keil

Mähring

(2009) Effects of information technology failures on the market value of firms. The Journal of Strategic Information Systems 18(2): 66–79.

Boehmer

Kelley

(2009) Institutional investors and the informational efficiency of prices. Review of Financial Studies 22(9): 3563–3594.

Brown

Warner

(1980) Measuring security price performance. Journal of Financial Economics 8(3): 205–258.

10.

Corrado

(1989) A nonparametric test for abnormal security-price performance in event studies. Journal of Financial Economics 23(2): 385–395.

11.

Demir

ŞŞ

(2024) Is the global technological outage a caution for the service industries? Evidence from the tourism industry. Current Issues in Tourism: 1–21.

12.

Demir

Yaşar

Demir

ŞŞ

(2023) Digital transformation and human resources planning: the mediating role of innovation. Journal of Hospitality and Tourism Technology 14(1): 21–36.

13.

Esparza-Aguilar

García-Pérez-de-Lema

Duréndez

(2016) The effect of accounting information systems on the performance of Mexican micro, small and medium-sized family firms: an exploratory study for the hospitality sector. Tourism Economics 22(5): 1104–1120.

14.

Grebe

Martin

Schiereck

(2024) Is the global CrowdStrike it crash a digital black swan? - Evidence of stock market reactions in the airline industry. Available at SSRN: https://ssrn.com/abstract=4916686

15.

Horng

Liu

Chou

, et al. (2022) Role of big data capabilities in enhancing competitive advantage and performance in the hospitality sector: knowledge-based dynamic capabilities view. Journal of Hospitality and Tourism Management 51: 22–38.

16.

Johnson

Kang

Lawson

, et al. (2018) The impact of data breaches on hotel and restaurant firm stock returns. Journal of Hospitality Financial Management 26(2): 3.

17.

Kamiya

Kang

Kim

, et al. (2021) Risk management, firm reputation, and the impact of successful cyberattacks on target firms. Journal of Financial Economics 139(3): 719–749.

18.

La Porta

Lopez-de-Silanes

Shleifer

, et al. (2002) Investor protection and corporate valuation. The Journal of Finance 57(3): 1147–1170.

19.

Lin

Shin

(2024) The economic impacts of information and communication technologies in the tourism and hospitality industry: a systematic review of the literature. Tourism Economics Ahead of print 11 May 2024: 13548166241253309. doi: 10.1177/13548166241253309.

20.

Liu

Wei

Kalgotra

, et al. (2022) Seeing is believing? Data mining to create a choice-based conjoint approach for restaurant mobile marketing. International Journal of Hospitality Management 104: 103248.

21.

MacKinlay

(1997) Event studies in economics and finance. Journal of Economic Literature 35(1): 13–39.

22.

Melián-González

Bulchand-Gidumal

(2016) A model that connects information technology and hotel performance. Tourism Management 53: 30–37.

23.

Murphy

Shrieves

Tibbs

(2009) Determinants of the stock price reaction to allegations of corporate misconduct: earnings, risk, and firm size effects. Journal of Financial and Quantitative Analysis 43(3): 581–612.

24.

Rasoulian

Grégoire

Legoux

, et al. (2023) The effects of service crises and recovery resources on market reactions: an event study analysis on data breach announcements. Journal of Service Research 26(1): 44–63.

25.

Ray

Barney

Muhanna

(2004) Capabilities, business processes, and competitive advantage: choosing the dependent variable in empirical tests of the resource-based view. Strategic Management Journal 25(1): 23–37.

26.

Serra

(2004) Event study tests: a brief survey. Revista Electrónica de Gestão Organizacional 2(3): 248–255.

27.

Spanos

Angelis

(2016) The impact of information security events to the stock market: a systematic literature review. Computers & Security 58: 216–229.

28.

Thornhill

Amit

(2003) Learning about failure: bankruptcy, firm age, and the resource-based view. Organization Science 14(5): 497–509.

29.

Wang

Lin

(2023) Impact of reputation on hospitality profitability: impact of service failure online exposure on revenue performance–evidence from the hotel industry in China. Tourism Review 78(6): 1387–1413.

30.

Wiklund

Baker

Shepherd

(2010) The age-effect of financial indicators as buffers against the liability of newness. Journal of Business Venturing 25(4): 423–437.

Stock market effects of CrowdStrike IT outage on largest listed hotel companies

Abstract

Keywords

Introduction

Impact of IT outages on the market value of hotel companies

Data and methodology

Results

Abnormal returns

Cross-sectional analysis

Concluding remarks

Footnotes

Declaration of conflicting interests

Funding

ORCID iD

Notes

Author biographies

References