Costs of data breaches in U.S. increases sharply: NetDiligence
Reprints
PHILADELPHIA—New data released this week by Philadelphia-based Network Standard Corp., which does business as NetDiligence, indicates that the costs associated with a data breach for U.S.-based companies have increased sharply in the last year.
The sample study, unveiled during a panel discussion at the company's 2012 Cyber Risk and Privacy Liability Forum in Philadelphia, analyzed data from 153 data or privacy breach claims paid by insurers between 2006 and 2011, ranging from $2,000 to $73 million.
On average, the study said, payouts on claims made in the past five years totaled $3.7 million per breach, compared with an average $2.4 million for claims made from 2005 and 2010.
Although the number of claims analyzed in this year's report was higher than in 2011 (153 in 2012 compared with 117 the prior year), the average number of records exposed per breach decreased, to 1.4 million in 2012 from 1.7 in 2011.
Among 10 possible allocations cited in the report, an overwhelming majority of the money insurers paid in response to a data breach was used to cover defense and settlement costs. An average breach event triggered $2.1 million in settlements and another $587,000 in defense costs, the 2012 study results said. In the prior year, settlement costs for the average data breach only totaled an average $1 million per breach, while defense costs totaled an average $500,000.
Read Next
-
Emory Healthcare says 315,000 patient records missing, data compromised
ATLANTA—Emory Healthcare announced this week that backup disks containing approximately 315,000 patient records had gone missing from a storage location at Emory University Hospital.
