Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Target Data Breach Tally Hits $162 Million in Net Costs

The cost of the Target breach keeps on climbing.

According to the firm’s latest earnings report, the net expense of the breach stands at $162 million. 

The cost of the Target breach keeps on climbing.

According to the firm’s latest earnings report, the net expense of the breach stands at $162 million. 

The actual total has now reached a gross expense of $191 million. That amount was partially offset by a $46 million insurance receivable in 2014. In 2013, the company’s gross expense related to the breach was $61 million, which was offset by a $44 million insurance payment. That brings the net expense of the breach for the retail giant to $162 million.

According to the Ponemon Institute’s ninth annual global study on data breach costs released last year, the average total price tag of a breach was $145 for every record stolen or lost – an increase of nine percent compared to the cost noted in the previous report. The study focused on 314 companies across 10 countries. All the companies that participated in the 2014 study had experienced a data breach ranging from a low of 2,400 compromised records to a high of slightly more than 100,000. The most expensive data breaches occurred in the U.S. and Germany, and cost $201 and $195 per compromised record, respectively.

“Invest now or pay later — this is the message from one of the largest data beaches reported to date,” said Steve Hultquist, chief evangelist at RedSeal. “Consider the ROI [return on investment] for even a very significant investment in proactive security analytics and process improvements that could have blocked the beach before it even started.”

A new report from FireEye’s Mandiant found that organizations generally did better last year in detecting data breaches than in the past. Based on the investigations the firm conducted in 2014, the median number of days attackers were persent on a network before being discovered dropped to 205 from 229 in 2013. Still, only 31 percent actually figured out by themselves that they had been breached, down from 33 percent in 2013 and 37 percent in 2012.

Target’s full-year adjusted earnings in 2014 were $4.27 per share, a decrease of 2.6 percent from 2013. Eric Chiu, president and co-founder of HyTrust, said major breaches such as the one experienced by Target can have a “real impact on the bottom line.”

“The $162 million spent so far by Target is just a drop in the bucket given the class action lawsuits by consumers as well as the recent court ruling that banks can go after Target to recoup their losses,” he said. “When all is said and done, the cost of the breach could reach over $1 billion. That should serve as strong evidence that companies need to make security a top priority — especially around insider threats, which is how most breaches are happening today.”

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.