The Truth About Data Breaches

A recent report in the New York Times indicates that the data breach which occurred at Target last year ultimately cost the company around $148 million. The story made headlines in part because so many average consumers shop at Target, many of which didn’t even think it was possible for their information to be compromised in such a way. Target’s brand reputation was significantly damaged, and a significant amount of sales revenue was lost as a result of the data breach. Ultimately, around 40 million consumer records were compromised by the Target data breach. [quote from=”New York Times”]Ultimately, around 40 million consumer records were compromised by the Target data breach. If that weren’t bad enough, Home Depot recently announced that they experienced a massive data breach of their own. One of the worst aspects of the report by Home Depot is the fact that the breach took place over several months, and it wasn’t until five months after the breach began that Home Depot recognized the problem and reacted accordingly. On top of that, according to a report in Forbes, the data breach that occurred at Home Depot was even larger than the one that occurred at Target last year. Estimates as high as 56 million credit cards were reported in the Forbes article, and it is possible that there are more to come. Learn more about what the biggest data Breaches in retail have taught us about cybersecurity. [quote from=”Forbes”]The data breach that occurred at Home Depot was even larger than the one that occurred at Target last year, with estimates as high as 56 million credit cards.

Reputation loss can cost more than repairing the breach itself

It is hard to fully quantify exactly how much data breaches will ultimately cost companies like Target and Home Depot. While they have tried to quantify and compare the financial and branding damage that has occurred, the fact of the matter is that there could very well be long-term (and possibly irreparable) damage to their reputations. A recent report by ARMA International indicates that companies who experience widely-publicized data breaches suffer significant damage to their reputation among consumers. That report went on to reference a global survey conducted by SafeNet, which indicated that around 65% of adult consumers would “never or [be] very unlikely to do business again with a company whose customer’s financial information had been breached.”

The Risks Associated With Keeping Data Unencrypted

According to the same ARMA International report, of the 237 breaches that occurred between April and June of 2014, only two of the breaches were of “secured” and “encrypted” data stores. Data breaches can occur a number of different ways; in the case of the Target’s breach, Kerbs reported that it was due to a malware program created by an attacker. And, in Home Depot’s ongoing investigation has determined that criminals used unique, custom-built malware to evade detection. Of the 237 breaches that occurred between April and June of 2014, only two of the breaches were of “secured” and “encrypted” data stores.

So, what’s the Corodata difference?

These were not data breaches that happened on encrypted, backed up data. The data breaches affecting Home Depot and Target all involve raw data not encrypted data. The primary difference between raw and encrypted data is that raw data can be easily read by anyone who can gain access to the servers on which it is located, while encrypted data requires hackers to understand the encryption, debug it, and have the technology to read it.  Indeed, it can cause catastrophic and terminal harm to businesses that cannot weather quarters (or even years) of negative publicity and consumer aversion. That’s why Corodata’s data protection services are one of the best investments you can make in your business. Our services include media archival storage and CoroCloud.