Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:00 PM
Bryan Yurcan
Bryan Yurcan
Connect Directly

The True Cost of Data Breaches

The cost associated with data breaches extends far beyond just the information that was stolen.

Cyber security and protecting customer data continues to be top of mind for not only banks, but retailers, software firms, and any company that stores valuable data. These days it seems like not a week goes by without a report of another high-profile data breach.

P.F. Chang's became the latest retailer to be targeted at the point-of-sale with credit card information being targeted at 33 locations, it was revealed this month. This followed several high profile attacks that affected Target, Neiman Marcus, and other major retailers in late 2013 and early 2014.

Of course, financial data can be targeted at more than just retail POS systems. Websites that store valuable data are targeted on a near-constant basis. Most recently, this week news broke that a Russian gang of computer hackers stole 1.2 billion usernames and passwords, exposing vulnerability in some 400,000 websites.

While data breaches are costly for retailers and for banks that have to reimburse customer losses due to fraud, there is also a significant cost to consumers as well. Overall, the true cost of data breaches is significantly higher than one would think, according to multi-factor authentication provider Authentify. The firm estimates each breach costs about $5.4 million for the affected companies.

This figure includes legal fees, settlements, cost of notifying consumers and canceling affected credit/debit cards.

On average, Authentify estimates that a company that experiences a data breach sees a cost of $188 per compromised record. Further, on average, more than 28,000 records are compromised in a typical data breach, the firm states.

But it's not just the cost to the affected organization that needs to be calculated. There's also a cost to consumers as well.

Authentify suggests that there is $140 billion in direct costs that are passed on to consumers as a result of data breaches, as well as indirect costs, such a higher taxes to pay for more law enforcement and oversight.

The way these costs are passed on to consumers is varied, the firm states. For example, when retailers are on the hook for fraud related to online orders, their insurance typically pays the bill. This then leads to higher costs for the company as a policy holder, which in turn is passed on to shoppers through higher prices. Also, banks that are affected by data breaches have to cancel and reissue cards that may have been compromised, which can cost $10 per card. Those costs can then be passed on to the consumer as well through higher interest rates and credit card fees.


Bryan Yurcan is associate editor for Bank Systems and Technology. He has worked in various editorial capacities for newspapers and magazines for the past 8 years. After beginning his career as a municipal and courts reporter for daily newspapers in upstate New York, Bryan has ... View Full Bio

Copyright © 2018 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service