How Consumers Foot the Bill for Data Breaches

Whether data breaches happen to individuals, companies or whole government organizations, they are rarely if ever cheap to deal with or in any way funny. In all of these cases, somebody is going to end up paying for the costs of a breach and usually that person is the end user or consumer of a given company’s products.

Whether data breaches happen to individuals, companies or whole government organizations, they are rarely if ever cheap to deal with or in any way funny. In all of these cases, somebody is going to end up paying for the costs of a breach and usually that person is the end user or consumer of a given company’s products.

We’re now going to cover exactly how big the costs of a data breach can be, how they get passed on to end consumers and how exactly they affect the economy as whole.

Let’s start with the example of retail giant Target, which was hacked in the winter of 2013 and suffered the theft of some 40 million credit card records.

The Impact of the Target Breach: A Case study

In Target’s case, the people affected by its massive data breach were not just the company employees, their bosses and not even just the customers of the retailer themselves. All of the company’s customers became victims and so did wider society itself as we’ll soon see.

In terms of direct costs to Target: the CEO was forced to resign and received a severance package worth 15.9 million dollars. The company as a whole had to pay for over 1 billion in fines for its negligence and on top of these two massive expenses, a 443 million dollar loss in revenues was recorded in the wake of the card data thefts.

Finally, there were fraudulent transactions on the cards themselves, which amounted to 2.2 billion dollars and had to be systematically refunded by credit card companies.

The Costs of the Average Breach

The case of target was a major example of how costly data breaches can be to a company and its customers. However, hundreds of smaller corporate breaches carry their own widespread costs as well. There were 617 of these kinds of hacks against businesses recorded in 2013,  that number is sure to grow in 2014.

Some of these averaged costs include:

• $5 on average per customer for notifications of fraud (a single breach often involves thousands or millions of customers)
• $30 per average single card cancellation and associated credit monitoring
• $2000 per hour of forensic examination (multiply this by hundreds of hours per data breach)
• $500 thousand dollars per breach related business legal defense
• 1 million dollars per average breach related corporate settlement
• 1 million dollars in regulatory fines per corporate breach

These amounts total out to just over 5,400,000 dollars and they represent the average expenses of just one single business among many others in the same situation.

Also, understand that the average SINGLE breach affects some 28,765 customers and that it costs about $188 per customer to fix the problem.

So How do Customers Foot these Expenses?

Via retail outlets:

Retailers will either directly pass the costs of those breaches they suffer right on to their customers in the form of higher prices across the board or they will have their costs paid by insurers who will then raise premiums industry wide and force retailers to raise prices on their products anyhow.

Via credit card providers:

If the retailers aren’t enough of a hit on customers pockets, there are also the credit card providers themselves. These companies and the banks they work through will have to roll back and refund any fraudulent charges that breaches have resulted in. In order to offset this cost, they raise interest rates and fees across the board for their customers, often by as much as 7% in a year.

What’s the Total Economic Damage?

The aggregate cost of data breaches on the U.S economy as a whole amounts to a staggering 140 billion dollars per year. This includes direct costs to companies that participate in the economy, costs to their customers and also indirect costs such as increased taxes for law enforcement budgets.

Furthermore, it’s estimated that the economy loses 500,000 jobs per year thanks to data breach losses.

Identity Theft

Data breaches are more than anything about identity theft for the sake of generating a profit. And this identity theft carries its own costs beyond those mentioned above.

Some of these costs of identity theft include: the financial victimization of an average of 66% of victims, individual average losses of $9600 dollars and a loss of productive labor time, which for 10% of breach victims amounts to at least a month of work at taking back ones identity.

Even when victims of ID theft don’t need to pay out of pocket repair expenses, their card providers and banks do and (as we already covered above) pass those expenses on to other customers.

So, as you’ve been shown, data breaches are a serious and majorly disruptive business run by many hackers. To find out more about them and about how you can protect yourself as a customer or business owner, check out the fascinating infographic on data breaches by the digital security experts at Authentify.com