So how common has the issue of data breach’s become. It’s nothing new. It’s become more and more common place. I have been in the Information Technology business for almost 30 years. Started in 1988, a few years before the internet became a public household entity. Corporate, academia and government had internal networks and may have used a modem to transmit data between institutions. This was pretty slow and would not have permitted the kind of volume that today’s networks allow. This was also before the day of websites. I’m sure there were some incidences but not wide spread or well known.
According Wikipedia, they have compiled and listed only data breaches that affected over 30,000 records. Starting in 2004 AOL was hacked from the inside and 92,000,000 records were compromised. In 2005 the major credit card companies, MC, VISA, Discover and AMEX had 40,000,000 records stolen, it was hacked from outside due to poor security. The list goes on and on. Almost 27,000,000 records were lost from The U.S. Department of Veteran Affairs, so you can see its not always a electronic based hack. In 2015 80,000,000 records were hacked from Anthem inc.
According to statistics there have been over 300 data breaches since 2004 and we are only counting the ones with more than 30,000 records. In 2015 the average cost of a data breach is over $150,000,000. Now we have the Equifax debacle with over 143,000,000 and the grand daddy of them all (so far) is Yahoo, who back in 2013 announced that there were 1 billion records hacked but just came out this week, they have revised their estimate to over 3 billion!! Almost half the population in earth!
Estimates that the total global annual cost in 2020 is forecast to be…wait for it…$2.1 trillion!
So here is my point. Why? Any business that had suffered this kind of financial repercussions due to lack security would have folded a long time ago, after all they could not handle the financial burden caused by the lack of trust and lack of business. So why hasn’t that happened to American business. My opinion…they have not had to pay the price. Everything gets passed on to the customer. It has become the cost of doing business. They make the announcements, maybe someone is hauled in to congress and yes…now people are losing their jobs (with the golden parachute). But there has not really been any consequences for allowing this to happen. And most all of it is preventable. Equifax admitted that the cost of patching the servers was just too much. I don’t mean to just pick on Equifax but they are a great example of the hubris of these companies. They knew months in advance of the security flaw and failed to act. Executives waited weeks before publicizing the breech to the public (while they sold their stock….I believe this is the very essence of insider trading….do you think there will be criminal charges…after Wells Fargo…don’t hold your breath.) and to top it off tried to financialy gain off of their massive error by charging people to freeze their credit records.
The answer to this. Massive fines, do not allow the entities to pass on the cost to consumers and heads should roll and go to jail. Plain and simple and you will see this problem to a large degree cleaned up.