DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Does a data breach hurt your brand?

Posted on January 20, 2011 by Dissent

Over on The New School of Information Security, Adam has a post that those of us who report on breaches or comment on the impact of breaches need to read, and  I do encourage everyone to watch the video and read his entry.  The bottom line of his post is that security breaches do not hurt brand.

Not everyone agrees with his conclusion, of course.  George Hulme, for example, recently wrote that he thinks the data supports a conclusion that brand is hurt.

I can think of two specific cases where a company did fold or go under following a breach:  Verus, Inc. folded after a firewall configuration error resulted in their hospital clients’ online bill payment systems exposing patient account information.  And Spicy Pickle closed their two locations  following a POS breach that victimized 150 customers. The owners said they never recovered sales levels.

Other than those two cases, I cannot think of any other such drastic results from a data breach.  Are they ‘enough’ evidence to suggest that  statements that breaches don’t hurt brand may be too sweeping or overly broad? I would like to see Adam respond on his blog to the studies George Hulme cites and isolated reports of businesses folding. If we tell businesses that “breaches don’t hurt brand,” are we going too far in the anti-FUD direction?

Terry Sweeney (and Adam) may be right in claiming that there is no lasting harm to brand – but they may need to qualify that assertion to add “if the company is big enough to survive an immediate hit.”  And perhaps they also need to consider that even when companies rebound following an initial hit in sales or stock prices, they may not grow as much as they might have.

Not that anyone may care or that it significantly impacts their bottom line, but I never used a credit card at TJX again following the disclosure of their breach.  That means that I have purchased less and essentially stopped shopping at their stores.   Most people will not have the type of extreme response I had, but how much higher might TJX’s profits be now if they hadn’t had a huge breach in 2007?  TJX may have rebounded, but how much churn did they experience from the breach?

[corrected the name of Adam’s blog].

Note: Larry commented on Adam’s blog that CardSystems also had a severe consequence as a result of a breach affecting 40 million. I had forgotten about that incident, but he’s right.

No related posts.

Category: Commentaries and Analyses

Post navigation

← Vermont Attorney General Settles Security Breach Allegations Against Health Net
California Legislature to take up data breach notification proposal →

2 thoughts on “Does a data breach hurt your brand?”

  1. adam says:
    January 21, 2011 at 12:10 pm

    I’m working on a longer response, but we’ve had a thousand breaches since CardSystems, and even you forgot about it.

    1. admin says:
      January 21, 2011 at 12:31 pm

      Yeah, but I’m old. I forget things anyway, even if there hadn’t been 1,000 more breaches since then. 🙂

      I look forward to seeing your response – particularly to the studies with data.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.