The cost of data breach for the UK businesses has increased by 28 % per customer in 2008. The cost of each lost customer record was £60 in 2008, up from £47 in 2007. The total cost of a data breach ranged from £160,000 to £4.8m.
Research by Ponemon Institute on behalf of data protection specialist PGP Corporation, reveals that the average total cost per incident rose to £1.7m in 2008, from £1.4m in 2007.
Larry Ponemon, chairman and founder of The Ponemon Institute, said: Research proves UK businesses continue to pay dearly for having a data breach. As costs only continue to rise, companies must remain on guard or face losing valuable customers in this unpredictable economy.
According to the study — UK Cost of a Data Breach — the major factor contributing to the costs is the lost customer trust. About 53% of reported costs were due to lost business.
The survey covered breaches involving 4,100 to more than 92,000 records in 30 UK businesses across 10 industry sectors. PGP says that 70% of all cases in 2008 study involved insider negligence; while 30% of incidents involved malicious acts. About 33% of data breach cases resulted from third-party errors.
The data breach costs have increased in the US as well. The companies incurred $202 (£138) per compromised customer in 2008, compared to $197 (£134) in 2007. Here, too, the main contributor to the cost was customer turnover.
Phil Dunkelberger, president and CEO of PGP, said: “2008 saw no slow down to the stream of data breaches started in 2007 — if anything they’ve gotten bigger and more costly. In this current climate, organisations are taking desperate measures to preserve their reputation and retain customers; this study shows they simply cannot afford to lose out to competitors as a result of poor data security.”
