Breaches Are Costing Companies Much More Than Money

The cost of a data breach isn’t limited to financial loss. The repercussions of inadequate data handling processes can extend further and last longer than a one-time fine.

A few years ago, the British mobile phone retailer, Carphone Warehouse discovered a “sophisticated attack” on its systems, possibly compromising the personal information of 2.5 million customers and the encrypted credit card data of an additional 90,000 customers.

Carphone Warehouse waited 3 days before alerting its customers about the breach via email. The Information Commissioner’s Office (ICO) investigated the attack and upon examining Carphone Warehouse’s data handling processes, characterized the “number of distinct and significant inadequacies in the security arrangements” as “striking.”

The following ICO investigation resulted in fines of £400,000. It confirmed the breach had jeopardized the personal information of over 3 million customers and 1,000 employees. UK Information Commissioner, Elizabeth Denham stated Carphone Warehouse had not “been actively assessing security systems and ensuring defence against such attacks.” In fact, the retailer was hacked using old WordPress software, which emphasizes the importance of maintaining state of the art security practices.

With new compliance regulations going into place, like GDPR and CCPA, data breaches like the one experienced by Carphone Warehouse are the subject of more news stories than ever and they happen to businesses everywhere, in every industry, of any size. Companies should have processes in place that are specifically designed to both prevent and react to hacks if and when they occur.

There’s no individual solution equipped to guarantee breach prevention and technology alone isn’t enough. Companies must overhaul underlying processes and train employees to follow proper procedures. The GDPR stipulates that every business handling the personal data of EU citizens must ensure it has adequate security measures in place. Had they been found liable under the GDPR, the fines could have cost Carphone Warehouse over £17 million or 4% of its annual global revenue. And that is just the beginning…

Trust

Related posts:

Most twenty-somethings head off to Mexico, California or Florida for spring break. I booked a trip for White Bear Lake, Minnesota and convinced my best friend to come with me. I’m not from Minnesota…

I find it intriguing, that we can become so attached to a group of people or person in such short time periods and then forget them in even shorter time periods. That people can replace other people…

We took the time to put together some Frequently Asked Questions for your NASH80 adventure this Jan. 4-Jan. 7, 2018. In the spirit of organization, we will be updating this page as the weeks go on…