DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Corporate data breach average cost hits $7.2 million

Posted on March 8, 2011 by Dissent

The cost of a data breach went up to $7.2 million last year up from $6.8 million in 2009 with the average cost per compromised record in 2010 reaching $214, up 5% from 2009.

The Ponemon Institute’s annual study of data loss costs this year looked at 51 organizations who agreed to discuss the impact of losing anywhere between 4,000 to 105,000 customer records. The private-sector firms participating in the Ponemon Institute’s “2010 Annual Study: U.S. Cost of a Data Breach” hail from across various industries, including financial services, retail, pharmaceutical technology and transportation.

Read more on NetworkWorld.   Of note, those who respond quicker to getting notifications out to consumers, seem to be paying more:

About 41% of the respondents in the study said their organization had notified victims within one month of discovering the data breach, up from 36% in 2009. But these so-called quick responders paid $268 per record, up 22% from 2009 — and substantially more than companies that took longer, which paid $174 per record, down 9% from 2009.

Okay, that’s not good. We don’t want entities having to pay more promptly disclosing. What is increasing the cost of the breach clean-up to entities who respond quickly? According to Ponemon’s press release:

Costs pile up in a rush to make a one-month or less reporting time deadline and don’t necessarily mean companies are doing a better job in the forensics of understanding exactly what happened to them in the data breach, says Ponemon. Instead, it seems to lead to an “over-reporting phenomenon” where more records than were actually in the data breach are reported and publicly disclosed. This may be happening because companies are afraid they will have problems with state or federal regulators or class-action lawsuits if they delay past the one-month timeline, he said.

These data will undoubtedly be used by some to argue for a “take a bit more time and get it right and save money” approach. There’s much to discuss here.


Related:

  • North Country Healthcare responds to Stormous's claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • 70% of healthcare cyberattacks result in delayed patient care, report finds
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
  • Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
Category: Commentaries and Analyses

Post navigation

← Ca: Central Health employee terminated for privacy breach
Hard drive containing personal information of some Western Michigan University students and faculty missing →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.