Security practice mistakes can be costly. Some mistakes can be staggeringly expensive to clean up. Target’s breach from 2013 is one of them.
To settle a class action suit filed to the U.S. District Court in Minnesota, Target has agreed to pay $10 million, according to court documents filed last Wednesday. Members of the suit with proper documentation are eligible for up to $10,000 each.
In addition to the $10 million class action settlement, Target has needed to spend a great deal to clean up the ripple effects from the hack. It is important to remember that the ramifications in a sophisticated hack can continue to pile up as collateral damage is discovered. Your best bet is having a solid multi-layer protection plan in place and a disaster recovery plan set for motion if need be. Lagging time and dragging feet can put you out of business.
How much will it cost Target?
According to Market Watch, Target’s annual filing released earlier this month, the company estimated the data breach will cost it $252 million in expenses ($162 million after expected insurance compensation). The data breach compromised up to 40 million customers’ card accounts and up to 70 million customers’ personal information. .
Target won’t break down how they’ve reached the estimated $252 million in expenses, but they do specify many potential areas where they may see big payouts. For one, Target is facing investigations from state and federal agencies, including State Attorneys General, the Federal Trade Commission and the SEC. These agencies may impose fines and other penalties that “could materially increase” its data security costs even beyond the current estimated costs. The fallout from such penalties could “adversely impact” how Target operates its business and collects and uses customer information, and may put it “at a competitive disadvantage with other retailers,” Target said in the filing.
“Three of the four largest payment-card networks, which, combined, represent a “substantial majority” of the cards being breached, have made written claims against Target. Those claims could involve reimbursement of incremental counterfeit fraud losses and things like card reissuance costs.”
You can’t clean up a flood with a piece of paper towel and Target is learning the hard way. The amount of time and money Target will have to throw at this problem will follow the corporation for a good while. There is never a quick fix to situations of this magnitude, so prevention is even more important.
Companies like Target and Home Depot raised the average but today’s hackers warm up on small and medium businesses before taking aim at the big guys. Defending your network with an unmanaged firewall is like living in a dangerous neighborhood with only one flimsy lock on the door.
The SLPowers suite of Managed Security Services allows you to focus on your day-to-day operations, while our team of security experts manages the critical components of your organization’s security posture.