A single data breach can result in billions of dollars in consumer-fraud costs, a new study has found.
The 2013 Data Breach Fraud Impact study, released Wednesday by Javelin Strategy and Research, shows that data breaches can lead to billions of dollars in consumer-fraud charges in addition to the costs they impose on institutions whose systems are breached.
More than half of identity fraud victims in 2012 were also data breach victims. Yet only 20% of people affected by data breaches enrolled in free identity-protection services, the survey says.
Overall there were 1,611 breaches last year, a 48% increase over 2011. A single data breach last year at the South Carolina Department of Revenue, in which 3.6 million Social Security numbers and more than 16,000 card numbers were compromised, cost each person affected an average of $776 and took 20 hours per person to resolve, the study says. It cost businesses a total of $5.2 billion, the study said.
Companies should take their customers' costs into account when considering how to prepare for data breaches, the survey's authors said. "Organizations can promote consumer confidence and loyalty by instituting better protections against the event of a data breach and by mitigating criminals' ability to use stolen data to defraud consumers," said Al Pascual, a senior analyst for Javelin, in a news release.