highlighted post -

6 months later, Target still feels pain from data breach

May 5, 2014

If a large corporation is still feeling the pain months after a company data breach, what impact could a breach have on a small business?

When Target’s monitoring system first picked up signs of a data breach a few days before Thanksgiving 2013 they immediately… did nothing at all.  Target had a sophisticated software system and hundreds of people in IT to warn them of potential breaches, but just breezed right by the bright red flags ahead of the critical holiday shopping season.  Whether it was complacency, incompetence or something else, the results were catastrophic.  40 million accounts breach, potential costs of up to $1 billion and weakened holiday sales were just the start.

The most important thing Target lost in the data breach was their reputation with consumers.  Today their CEO Gregg Steinhafel paid the price, resigning after 35 years with the retailer. This isn’t an isolated incident, there were 267 million records compromised in 2012 alone with the average breach totaling $5.4 million. And the price for future data breaches could climb even higher.

Last week the Minnesota legislature proposed a bill that would require businesses with any customers in the state to notify affected customers nationwide in the event of a data breach.  On top of required notification within 48 hours and free credit monitoring, retail organizations would also need to provide each affected individual a $100 gift card.  Take the 40 million accounts in the Target data breach and multiply by $100 or more per account and the costs of a data breach just became much higher than anyone previously thought.

Target invested in the right resources to prevent this catastrophe, and then fell asleep at the wheel.  But, most businesses couldn’t afford to invest even a fraction of what Target spent to detect potential breaches before they happen.  The hackers aren’t going away, and any business that operates online, or even just accepts credit cards, is vulnerable. It’s important to have someone to help you recover from a potential breach.

A few hours spent contingency planning for your small business today could save you untold time and money in the event of a data breach that impacts your customers.  You can also get insurance protection specifically for privacy and data breach – it might be the most important measure you can take to protect your business and your livelihood.