Feeds

Consumers punish firms over data security breaches

Leaked data leads to lost business

Top 5 reasons to deploy VMware with Tegile

Consumer data security breaches are leading to customer revolt and an average cost per incident of $14m, according to a brace of surveys out this week.

One in five US consumers quizzed by Ponemon Institute said they immediately terminated their accounts with vendors that lost their information. An additional 40 per cent polled by the organisation's National Survey on Data Security Breach Notification considered taking their business elsewhere after receiving notifications of information mishandling. The survey polled 9,000 consumers, 12 per cent of whom had received notices of information security breaches.

A parallel study conducted by Ponemon estimates an average cost of $14m per security breach incident, with costs ranging as high as $50m. The survey, Lost Customer Information: What Does a Data Breach Cost Companies?, is among the first to look at data from actual cases of lost customer data. Covering 14 separate incidents, the research encompasses 1.4m compromised data records and an estimated total of $200m in resulting losses. Total cost estimates include the actual cost of internal investigations, outside legal defense fees, notification and call center costs, PR and investor relations efforts, discounted services offered, lost employee productivity, and the effect of lost customers.

Both studies show customers are punishing companies that lose their confidential and private information. However the second corporate study suggests a lower number of consumers take their business elsewhere following consumer data security breaches. This study suggests an average loss of 2.5 per cent of all customers, ranging as high as 11 per cent, as compared to 20 per cent defection after security screw-ups suggested by the consumer survey.

Corporations no longer have the option of hoping that US customers will not find out about mishandled information. Currently, 21 US states have laws requiring that customers or employees be notified when protected personal information has been breached. A series of high-profile consumer data security breaches involving US firms including data mining firm ChoicePoint, payment processing firm CardSystems Solutions and others have pushed the issue up the political agenda.

Security firms such as PGP Corporation are cited by Ponemon as emphasising the need for wider use of encryption technologies in safeguarding customer data. Ponemon's studies can be downloaded from PGP's website here (registration required). ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.