<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1602061480087256&amp;ev=PageView&amp;noscript=1">

R&R Insurance Blog

CEOs Paying the Price for a Data Breach

Posted by the knowledge brokers

Fired.jpgDo you know what the following people have in common?

Amy Pascal, Greg Steinhafel, Frank Blake, Richard Smith, Noel Biderman

All were CEOs of companies that lost their jobs following a data breach/hacking of their respective companies.

  • Amy Pascal was CEO of Sony Pictures.  The company settled a class action lawsuit for $15 million
  • Greg Steinhafel was CEO of Target.  They settled class action lawsuits for $50 million
  • Frank Blake was CEO of Home Depot.  The company paid $27.25 million to banks, $134 million to Visa, MC and more banks, $19 million in class action settlements
  • Richard Smith was CEO of Equifax.  Suits are still pending at time of publishing
  • Noel Biderman was CEO of Ashley Madison. They paid $11.2 million to settle claims

The expense of dealing with a data breach can add up quickly.  Take, for example, a hospital that experienced a breach of 40,000 records.  The price tag was $450,000 for credit monitoring and ID Theft insurance, $175,000 in notification and call center expenses, $25,000 forensics costs and $90,000 in legal costs, and $500,000 in regulatory fines.

In another instance, a former hospital employee downloaded 102,000 patient records.  The expenses amounted to $1.4 million in credit monitoring & call center, $500,000 in notification expenses, $500,000 legal expenses, $250,000 forensics, $1.5 million in legal expenses and $750,000 in regulatory fines.

Many companies were impacted by the Petya/NotPetya malware in 2017.  Consider a full day without phones, six days without email, nearly two weeks without complete access to documents, and  $700,000 in lost billings.  That’s what happened when this malware hit a global law firm.  What lessons did they learn?  With ransomware, detection comes too late; everyone has a plan until you get punched in the face; no firm is immune. Globally the malware cost $1.5 billion, including companies such as  FedEx which posted a $200 million loss and Maersk  which posted a $300 million loss, to name just a few.

All companies are at risk regardless of size, industry, or location.  How do you offset the staggering amounts that a cyber event can cost your company?  Invest in risk management, cyber security, and cyber insurance.


Topics: Cyber