DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Does a data breach hurt your brand?

Posted on January 20, 2011 by Dissent

Over on The New School of Information Security, Adam has a post that those of us who report on breaches or comment on the impact of breaches need to read, and  I do encourage everyone to watch the video and read his entry.  The bottom line of his post is that security breaches do not hurt brand.

Not everyone agrees with his conclusion, of course.  George Hulme, for example, recently wrote that he thinks the data supports a conclusion that brand is hurt.

I can think of two specific cases where a company did fold or go under following a breach:  Verus, Inc. folded after a firewall configuration error resulted in their hospital clients’ online bill payment systems exposing patient account information.  And Spicy Pickle closed their two locations  following a POS breach that victimized 150 customers. The owners said they never recovered sales levels.

Other than those two cases, I cannot think of any other such drastic results from a data breach.  Are they ‘enough’ evidence to suggest that  statements that breaches don’t hurt brand may be too sweeping or overly broad? I would like to see Adam respond on his blog to the studies George Hulme cites and isolated reports of businesses folding. If we tell businesses that “breaches don’t hurt brand,” are we going too far in the anti-FUD direction?

Terry Sweeney (and Adam) may be right in claiming that there is no lasting harm to brand – but they may need to qualify that assertion to add “if the company is big enough to survive an immediate hit.”  And perhaps they also need to consider that even when companies rebound following an initial hit in sales or stock prices, they may not grow as much as they might have.

Not that anyone may care or that it significantly impacts their bottom line, but I never used a credit card at TJX again following the disclosure of their breach.  That means that I have purchased less and essentially stopped shopping at their stores.   Most people will not have the type of extreme response I had, but how much higher might TJX’s profits be now if they hadn’t had a huge breach in 2007?  TJX may have rebounded, but how much churn did they experience from the breach?

[corrected the name of Adam’s blog].

Note: Larry commented on Adam’s blog that CardSystems also had a severe consequence as a result of a breach affecting 40 million. I had forgotten about that incident, but he’s right.

No related posts.

Category: Commentaries and Analyses

Post navigation

← Vermont Attorney General Settles Security Breach Allegations Against Health Net
California Legislature to take up data breach notification proposal →

2 thoughts on “Does a data breach hurt your brand?”

  1. adam says:
    January 21, 2011 at 12:10 pm

    I’m working on a longer response, but we’ve had a thousand breaches since CardSystems, and even you forgot about it.

    1. admin says:
      January 21, 2011 at 12:31 pm

      Yeah, but I’m old. I forget things anyway, even if there hadn’t been 1,000 more breaches since then. 🙂

      I look forward to seeing your response – particularly to the studies with data.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hunters International to provide free decryptors for all victims as they shut down (1)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case
  • Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen
  • Hacker with ‘political agenda’ stole data from Columbia, university says
  • Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.