[Dataloss] Article: The Cold, Hard Costs of Data Exposure
lyger
lyger at attrition.org
Wed Sep 27 18:48:53 EDT 2006
(since the question of "how much is my data worth" was asked earlier this
week, here's more for the discussion)
Courtesy Dissent from pogowasright.org
http://www.esj.com/News/article.aspx?EditorialsID=2169
Again and again the stories surface; only the names seem to change.
Company X reports a data breach after a laptop is stolen or a server is
hacked, exposing Y numbers of customers to potential identity theft. The
common response to these incidents includes notifying the affected
customers (as required by various state laws) and (usually) offering a
year.s free credit monitoring service.
What's untold is how much the episode is costing Company X, over and above
the humiliation outlay. "Our estimate is that the cost ranges from $25 to
$150 per impacted record," said Jon Oltsik, analyst at the Enterprise
Strategy Group. More visible, national companies tend to spend more, he
noted, as they have to notify people nationwide and stand more risk of
losing their customers as a result of the incident. Local firms with
minimal competition, such as a community hospital, can mount a less
elaborate response, he said.
[...]
More information about the Dataloss
mailing list