The Financial Consequences of a Data Breach

When a data breach is in the media headlines, it will inevitably stir up a flurry of follow-up stories on the damage that was done to the victims. But a data breach, especially one that is widely publicized, can affect a business financially in many different ways. Let’s take a look at a few of these.

Litigation From Affected Customers

The first and most obvious cost comes from litigation. It does not take long for customers affected by a breach to file lawsuits against the company that was hacked. Most of the lawsuits seek monetary damages to compensate victims for the consequences of the breach. But even in the event where financial losses on behalf of the victims cannot be quantified, victims will still sue.

In any litigation situation, there are legal costs the company will incur to defend itself and these costs could skyrocket if the company loses and has to pay damages.

Potential Damage to the Company Database

Another cost companies incur following a breach is the cost to repair the company database. In 2015, the average overall cost a company incurs because of a data breach went up to $3.8 million per incident. It is estimated that around $1 million of that cost is associated with repairing the database, clearing the network of the methods that were used to create the breach and recovering the data.

If a company has a good data backup system and that system was not impacted by the breach, then it will be easier and less expensive to put the database back together. However, if there is no backup system in place, then the cost to rebuild the database could increase exponentially.

Damaged Reputation With Existing and Potential Clients

Finally, one of the biggest impacts, in terms of cost, for a company following a breach can be the effect on the company’s brand reputation. It is estimated that up to 33 percent of the existing clients of a company will stop doing business with that company following a data breach. Although, that number can vary depending on the industry and the size of the breach, the fact is, companies that experience a breach will see a rise in cost to retain existing customers. In addition, companies that have experienced a breach will also see an increased cost to acquire new customers. Couple these increases in cost with the loss in revenue from customers that choose to do business elsewhere and you can see quickly how a damaged reputation can dramatically affect an organization’s bottom line.


The long-term damage done by a data breach can be mitigated based on how the company reacts. In 2016, the RAND Corporation did a survey that showed that 62 percent of victims in a data breach accepted free credit protection services from the company that was hacked. This indicates that, as long as the company is taking the right steps such as notifying customers immediately and offering services to help protect identities, consumers could be willing to give companies the benefit of the doubt. However, companies that delay their response are likely to suffer rapid deterioration of their reputation and serious long-term brand damage.

Over the past year it has begun to feel like there is a new corporate data breach every week with millions of victims are affected. However, no matter how many breaches there are, the public is still paying close attention to how companies respond.

But the sad reality is even a quick response is not going to save a company from losing money and future business due to a data breach.