- Data breaches can taint a company's reputation for years because news of the breaches remains forever on the Internet and social media. Companies often have to do significant marketing and public relations work to fix the damage to their good name.
Security Matters
Data leaks.
Data leaks across the world are becoming more and more common, and the outcome of such events poses a greater threat to the lives of individuals. Companies with a huge client base risk more than others because they are responsible for holding the data of millions of individuals. For them, such events mean huge fines, lawsuits, reputation loss and many other negative consequences, up to bankruptcy.
U.S. companies can face fines for data security issues. For example, Equifax paid $575 million to $700 million for "failure to take reasonable steps to secure its network," according to CSO. Marriott also was fined $124 million, and Uber was fined $150 million.
The European Union regulates data breach notification through the General Data Protection Regulation (GDPR).
GDPR went into effect in June 2018 and requires that organizations notify authorities within 72 hours of the breach.
The regulation applies to all organizations within the EU and those outside the EU that sell goods and services to EU citizens. Fines for violations can be as high as 4 percent of the company's global revenue for each occurrence or 20 million Euros, whichever is greater. In 2020, French authorities fined Google $57 million, according to Reuters.
Organizations can face lawsuits for damages caused by data breaches. Litigation requires that lawyers spend considerable time reviewing documents, and settlements can be costly. Capital One, for example, agreed in December 2021 to pay $190 million to settle a class-action lawsuit. U.S. customers filed the lawsuit over a 2019 data breach affecting 100 million people. Previously, the U.S. Office of the Comptroller of the Currency fined Capital One $80 million for the same breach. In January, Morgan Stanley agreed to pay $60 to settle a legal claim in addition to a $60 civil penalty.
What Are the Consequences of a Cyber Breach?
The consequences of a data breach can be far-reaching and often long-term. For example, 60 percent of small and medium-sized businesses will end up closing within six months of a data breach, according to Security Intelligence. Larger organizations may not typically close but can incur high costs. Security Intelligence cites IBM and Ponemon Institute research showing that the average financial loss to organizations from a data breach is $4.24 million. More than a third of that average cost comes from lost business.
- When people lose trust in an organization, they may cease to be customers. Loss of trust is particularly detrimental to financial firms and health care providers. It is also detrimental to small businesses whose clientele is primarily local.
- Organizations will incur unexpected expenses as a result of the data breach, and the budget will be difficult to control. Companies can buy cyber insurance to alleviate some of the losses from breaches. However, many companies are downsizing their policies, according to the Harvard Business Review.
- Insurance also often fails to cover all the costs.
- When a data breach occurs, some employees, especially tech employees and executives, will lose their jobs. Others will leave because of the stress from mitigating the incident.
- To make matters worse, when potential employees discover that a company has been a victim of a data security breach, they sometimes decide to apply elsewhere. Cybersecurity professionals and IT employees often are the least likely to want to work for a company that has experienced a data breach. Unfortunately, cybersecurity and IT positions also are in high demand.
- Companies also can face significant legal penalties for failure to protect customer data. First, companies must ensure they meet federal and state notification requirements. All 50 states, the District of Columbia, Guam, and Puerto Rico have laws requiring organizations to notify customers about personal data breaches.
- The length of time companies have to make the notifications varies by state. Federal laws are being considered.
- Congress passed the Data Breach Prevention and Compensation Act in May 2019. The law created an Office of Cybersecurity at the Federal Trade Commission. The law also supervises data security at consumer credit reporting agencies, such as Equifax. It also imposes specific penalties on the agencies and credit monitoring agencies for putting consumer data at risk.