BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

The true cost of Target’s 2013 cyber attack

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 26 Feb 2015 19:19:06 -0700
If you ever needed an argument as to why your company should invest more
money in cyber security, just think of Target.

The American retailing company was a target (no pun intended) for a
cyberattack back in 2013, and it has ended up costing the company $162
million (slightly more than £104 million).

The cyberattack led to the theft of millions of customers’ credit card
details.

Target revealed these figures during the 2014 full-year earnings report,
and added that the damage would have been even higher, if it wasn’t for
insurance pay-outs.

“Target incurred breach-related expenses of $4m (£2.5m) in fourth quarter
2014 and full-year net expense of $145m (£93.4m), which reflects $191m
(£123m) of gross expense partially offset by the recognition of a $46m
(£30m) insurance receivable,” the company said.

“Fourth quarter and full-year 2013 net expense related to the data breach
was $17m (£11m), reflecting $61m (£39m) of gross expense partially offset
by the recognition of a $44m (£28.3m) insurance receivable.”

However, that’s not the end to Target’s miseries. The cost of the data
breach will probably rise a bit more, as Target seems likely to receive a
legal challenge from customers and banks unhappy about the breach.

In December 2014, a federal judge rejected Target’s bid to dismiss a
lawsuit by banks seeking to recoup money they spent reimbursing fraudulent
charges and issuing new credit and debit cards because of the retailer’s
data breach.

This is yet another example of how costly low security can be for a
company. Both Sony and Anthem were also victims of costly hack attacks.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: