The Financial Consequences Of A Data Breach 

By Patrice Puichaud, Senior Director, SE, EMEA & APAC at Sentinel One

When a data breach is reported in the media headlines, it will inevitably stir up a flurry of follow-up stories. The majority of these articles will centre around the resulting damage that was suffered by the victims of such a hack. But a data breach, especially one that has been widely publicised, can affect a business financially in numerous diverse and far-reaching ways, and which are often overlooked. Let’s take a look at a few of these impacts in more detail.

Litigation from Affected Customers

Patrice Puichaud
Patrice Puichaud

The first and most obvious financial consequence comes from litigation. In the immediate period following a data breach, customers that have been affected will begin to file lawsuits against the company that suffered the hack. A large majority of these lawsuits will seek monetary damages in order to financially compensate victims for the resulting consequences of the breach. Furthermore, even in the case where financial losses on behalf of the victims cannot be quantified, they will often still seek to sue.

As well as this, in any litigation situation, the company will incur legal costs in order to be able to adequately defend itself and, in the case that the company loses the lawsuit and has to pay damages, these costs could skyrocket.

Potential Damage to the Company Database

A further financial implication companies who have fallen victim to a hack face is the cost incurred to make the required repairs to the company database. In 2015, the average overall cost a company incurs because of a data breach went up to $3.8 million per incident and costs continue to rise. Furthermore, it is estimated that around $1 million of that cost is associated with repairing and remediating the database in order to clear the network of the methods that were used to create the breach and recover the data.

If a company has a good data backup system and that system was not impacted by the breach, then it will be much easier and less expensive to put the database back together. However, in the unfortunate case that there is no backup system in place, then the cost to rebuild the database could increase exponentially.

Damaged Reputation with Existing and Potential Clients

Finally, one of the biggest impacts, in terms of cost, for a company following a data breach can be the resulting impact on the company’s brand reputation. It is estimated that up to 33 percent of the existing clients of a company will stop doing business with that company in the period following a data breach. Although that number is subject to variation depending on the industry of the affected company and the size of the breach, the reality is, companies that experience a breach will see a rise in cost to retain their existing customers.

As well as this, companies that have fallen victim to a hack will also experience an increase cost in the endeavor to acquire new customers. When you combine the impact of the increase in costs to the victim company with the loss in revenue from customers that make the decision to do business elsewhere, it quickly becomes evident how a damaged reputation can have a detrimental effect on an organisation’s bottom line.

Conclusion

The International Data Cooperation estimates that by 2020 25% of the world’s population will have been affected by a data breach. As, year on year, the number of hacks are growing, they are increasingly becoming a central issue for companies regardless of size, industry or geography.

The good news is that the long-term damage done by a data breach can be mitigated based on how the company reacts. In 2016, the RAND Corporation did a survey that showed that 62 percent of victims in a data breach accepted free credit protection services from the company that was hacked. This indicates that, as long as the company is taking the right steps such as notifying customers immediately and offering services to help protect identities, consumers could be willing to give companies the benefit of the doubt. However, companies that delay their response are likely to suffer rapid deterioration of their reputation and serious long-term brand damage.

Over the past year it has begun to feel like there is a new corporate data breach every week with millions of victims affected. However, no matter how many breaches there are, the public is still paying close attention to how companies respond.

But the sad reality is even a quick response is not going to save a company from losing money and future business due to a data breach.