How much does a data breach cost? Simply put, a data leak is very, very expensive. To make matters worse, you can pay for a data breach for years. The cost of the recent Target data breach, for instance, won't fully be understood for five or ten years, when the dust finally settles and all the lawsuits are resolved.
These “ripple effects” cause a data breach to become more and more expensive for liable businesses. Data breaches can affect customer credit scores, which in turn affect a person's ability to rent an apartment, sign up for a credit card, and make major purchases.
To understand just how expensive a data breach is, let's look at how an IT consultant could be sued when a customer's low credit score prevents them from purchasing a house.
Credit Experts Concerned Data Breaches Will Affect Housing Market
In a recent Los Angeles Times article, credit experts expressed concern that fraudulent charges and other side effects from the Target data breach will negatively affect consumer credit scores. With lower scores, fewer consumers will qualify for home loans and the housing market could weaken.
Credit scores are complicated. After a data breach, a consumer credit score shouldn’t be affected in the long run, since fraudulent activity can eventually be reversed. And while that's true in theory, it's not always true in practice.
Some customers simply won't realize they've been affected by a breach. Meanwhile, hackers can use their private information to sign up for new credit cards. Consumers won't know they have outstanding charges on the fraudulent card until it’s time to buy a house and their credit score comes back lower than expected.
Furthermore, it can take a long time for consumers to correct their credit scores – even if they are aware of the breach. They'll have to petition their credit company and bank. In the months it takes to fix their score, consumers can miss out on a desired home loan.
If a single customer's credit score is even temporarily affected after your business is found liable for a data breach, you could easily wind up paying six-figure damages.
Data Breaches: A Complicated Web of Liabilities
The complicated, interconnected nature of a data breach only increases its cost. For an IT consultant, a data breach's cost will be affected by…
- Ripple effects caused by credit problems.
- Damages to a client's reputation / revenue.
- Multiple lawsuits from clients, contractors, customers, etc.
- Repair costs for a client's IT infrastructure.
- Ongoing credit monitoring and theft prevention costs.
Add up all these factors, and you can see why the average data breach, according to the Ponemon Institute’s 2013 Cost of Data Breach Study, costs $188 per stolen record. If a client loses just 1,000 records, the average cost will come to $188,000.
This is why big businesses invest big money in preventing data breaches. According to a recent article on threatpost.com, Microsoft has awarded almost a quarter of a million dollars in bug bounties since last summer. The company also paid a security expert $100,000 to hack into Windows using a mitigation bypass technique to defeat Microsoft's latest patches and security updates.
Microsoft knows it can only hope to be a half step ahead of hackers, and it dishes out major cash awards to anyone who can find potential security flaws in its products.
A small IT business or freelance developer doesn't have $100,000 to give away to anyone who can find bugs in his or her code. Fortunately, small business insurance protects small IT companies from these expenses.
An Errors and Omissions Insurance policy shields you from the cost of a client data breach lawsuit. The typical E&O policy covers up to $1 million in damages, which protects small IT operations from an otherwise crippling lawsuit.
To learn more about E&O coverage and how much it would cost for a freelancer or small IT company, visit our sample E&O Insurance quotes page or contact an agent for a free insurance quote.