While the digital age has helped improve lives in many positive ways, it also has created new threats to public safety. Data breaches, in particular, have been on the rise as more personally identifiable information (PII) is stored online.
There are two main groups that are affected in a data breach: the organizations that experience a data breach and the individuals who have PII stored in the company’s database.
How Data Breaches Affect Organizations
When organizations get hit with a data breach, they must deal with the costs of remediation. A recent report by Audit Analytics found that businesses pay an average of $116 million per data breach incident. The cost is dependent on the length of time it takes to solve the problem as well as the sensitivity of the compromised customer information. Broken down into categories, this price tag is primarily composed of:
- Detection and escalation (31.1%): These are cybersecurity activities that enable a company to detect the breach and report it to appropriate personnel.
- Notification (5.4%): These are activities that enable the company to meet the compliance obligations of notifying regulators and individuals who had data compromised in the breach.
- Post data breach response (27.3%): These processes are set up to enable customers to communicate with the company (e.g. call centers) as well as costs associated with redress and reparation.
- Lost business (36.2%): These activities are associated with the cost of lost business including revenue loss, business disruption, system downtime and new customer acquisition.
How Data Breaches Affect Individuals
Individuals, on the other hand, have to deal with the risk of identity theft. When cybercriminals leak customer information after a data breach, it usually ends up for sale on the dark web. This creates the possibility for anyone seeking to commit payment fraud, for instance, to buy a person’s financial DNA and use it to apply for credit, make purchases or commit other crimes in his or her name. Identity theft can leave a victim with damaged credit, tax debt or a criminal record that takes time and resources to resolve. The least tangible effect, but possibly the most harmful, is the emotional and mental toll it takes on victims. Stress has the potential to negatively impact an individual’s physical health and relationships with family and co-workers.
A recent Identity Theft Resource Center study on the non-economic effects of identity theft found the following:
- 1% reported issues with their sleep habits
- 3% reported increased stress levels
- 6% had problems with their concentration
- 8% had persistent aches, pains, headaches, stomach issues and/or cramps
- 5% had increased fatigue or decreased energy.
This stress also affected their relationships. Respondents reported:
- 4% reported getting into more arguments with family
- 5% reported loss of trust with family
- 45% reported feeling distant from friends
- 65% reported not receiving support from friends
- 8% reported asking friends and family for financial assistance while resolving their identity theft
With more than 1.6 billion records exposed in the last 15 years, this means more than half of all Americans have had their PII leaked online. Given the risks and costs associated with data breach and identity theft, businesses and organizations alike must find solutions to improve their data management practices to reduce the effects of new digital threats.