In a recent public disclosure to shareholders, Target has quantified the dollar cost of its heavily-publicized customer data breach in late 2013. Forbes reports the cost at $148 million, bringing a staggering conclusion to the theft of over 40 million credit card numbers. In addition to the larger figure, the company noted that only a small portion is covered by insurance, which leaves the company teetering on the edge of a financial precipice.
Tip of the iceberg
While Target was able to pinpoint the direct result of losing 40 million customer records at $3.70 per customer, the resulting damage to the brand can never be fully calculated. Loss of customer trust is an issue faced in any business, and when sensitive data is involved, the public and – more recently – the media are unforgiving.
Preventing a Target-sized fiasco
While no system is able to prevent data breaches with 100% certainty, it is known that hackers often employ social engineering to ferret out passwords and documents containing sensitive information. In the case of the Target breach, an unsecured vendor account was compromised and then used to access sensitive files within Target’s system.
Implementing secure document collaboration and rules-based sharing could help prevent employees and vendors from becoming unwitting accomplices to data breaches, while reinforcing a culture of data security beyond just having comprehensive written policies.