What's the Real Impact of a Data Breach on Your Business?
I discovered last week that I was one of the 56 million or more privileged to be included in the Home Depot security breach. My Visa card was compromised, and the crooks had already tried to charge more that $1000 in purchases at Walmart.
Thankfully my credit union noticed the fraudulent transactions and blocked my account until they could get confirmation from me. Unfortunately, they didn't have my current phone number (I dropped my landline and forgot to notify them). Instead, it took a call from me wondering why my transactions weren't going through to find out what was going on.
This isn't the first time I've been a victim of such fraud, but I escaped the Target data breach and this is the first time in a few years I've had to deal with the repercussions of such an incident. I had lost track of how dependent I had become on electronic payments in our cashless society.
As I think through how many companies are auto-billing my Visa, I'm amazed at how much time it's going to take to straighten everything out: My insurance company, the gym, my hosting company, stored accounts on e-commerce sites. The list goes on.
And that's just me.
What about the companies involved?
The downstream cost of security breaches is enormous. Each one of these companies will get a bounced payment if I don't update my records immediately. They'll have to spend time and money tracking down customers for updated payment information. My credit union has answer untold calls from unhappy customers, block and refund transactions, and issue new cards.
Home Depot of course has to deal with the brunt it. The media backlash. The expenses associated with notifying affected customers. The cost of free credit monitoring. The damaged reputation.
The whole situation has left me feeling that the only safe transaction is a cash one, but that's certainly not practical in this day and age.
I know I'm not alone in this plight, and many of your reading this are in the same situation. While the personal impact is frustrating, the business impact can be much greater.
Are You Ready?
Security experts say it's not a matter of "if" but "when" you'll face a similar challenge so you need to prepare.
- When your company has a security breach, do you know what to do?
- Are you making appropriate efforts to protect your customers' data?
- What's the risk to your hard-earned brand and reputation?
- Would such a breach have the potential to put your company out of business?
I haven't seen figures yet on what this will cost Home Depot, and the effects of this breach will be far reaching.
It's like a hurricane that affects much more than the residents, employers and local businesses in the area it hits. Insurers, mortgage companies and all the service providers like gas and electric are impacted. Friends and relatives feel the effects, even when they live far away. Car dealers, home furnishing stores, delivery services, medical practices, they all feel the pain.
The difference is that a hurricane is a natural disaster. Hacking isn't.
Businesses have a responsibility to do everything possible to prevent these security breaches, although staying ahead of the game can be difficult. If you haven't done so already, take some time in the next day or two to review your company's security protocols and crisis response plan.
Make sure these are solid as they can possibly be. If you don't have them, jump on it and do something. Don't wait until it's too late.
This may not be your forte, but it's mission critical. Seek help when you need it from a qualified technology expert or security consultant. Get a communications consultant to help you with the crisis response plan. Make sure your employees know how to detect and prevent such instances, and if they suspect them, be sure they know how to respond.
Don't become the next data breach headline.