The True Cost of a Data Breach: Protect Yourself by Making Sure You’re Recycling Electronics Properly

 Too many companies don’t stop to consider just what’s at stake if they don’t recycle electronics properly. IBM puts the average cost of a data breach at $4.24 million. Can you afford to take that hit?

Here are a few alarming statistics regarding the risks and realities of data breaches.

  • 23% of data breaches are the direct result of human error.
  • Just over a quarter of data breaches (28%) occur with small businesses.
  • The healthcare industry saw a 58% increase in data breaches during the pandemic.
  • 59% of financial companies have passwords that never expire.
  • 62% of U.S. companies experienced at least one data breach or cyberattack in 2021.
  • 68% of healthcare data breaches were linked to the theft or loss of an electronic device or file.
  • 70% of a company’s sensitive data is classified as stale data.
  • 95% of a business’s folders are not protected by passwords, encryption, or other security measures.

It takes an average of 287 days to discover a data breach and 80 days to contain a breach. But, containment is much longer for financial companies (233 days) and the healthcare industry (329 days).

Every company is at risk. Even companies that think they have the greatest security can fall victim to a data breach. Three of the largest data breaches in 2021 involved big names in the business world.

  • Comcast – 1.5 billion
  • Facebook – 533 million
  • LinkedIn – 500 million

If your company experiences a data breach, how much money are you at risk of losing? Is that all you stand to lose? Learn exactly what’s at stake and what you can do to ensure you’re protected.

Fines and Fees Can Be Tremendously High

If it’s found that you did something wrong and weren’t following recommended measures in protecting your company’s information, you’ll face fines. The fines can be expensive, and so can the fees and settlements.

After the Equifax breach in 2017, the company had to pay over $575 million in fines. That doesn’t even cover the amounts they’re paying in class action lawsuits and individual lawsuits. In 2020, additional settlements were reached with Equifax paying $19.5 million to the state of Massachusetts, $18.2 million to the state of Indiana, and $9.75 million in settlements and legal fees to different U.S. financial institutions.

T-Mobile faced a class action lawsuit for a 2021 breach. They had to pay $350 million for the settlement and $150 million more for improvements to data security and technology upgrades.

That’s just two. Home Depot paid around $200 million after a data breach of its POS system. Capital One paid $190 million after a 2019 data breach. Morgan Stanley paid $120 million after improper steps were taken to destroy data before decommissioning a data center.

In addition to the fines and lawsuits, there are other fees such as:

  • Free credit monitoring – Upwards of $30 per person/cardholder
  • Breach notification letters being mailed – $1,000 or more
  • Merchant processor fines – $5,000 or more
  • Upgrades in technology – $5,000 or more
  • Card brand compromise fees – $5,000 or more

You Have to Pay for a Forensic Investigation

After a data breach, it’s imperative that a company hires a forensic investigator to investigate the breach or attack to learn why it happened, what steps need to be taken, and how to prevent it from happening again.

A forensic investigation can cost as little as $10,000 for a smaller business, but the cost can be much higher for larger merchants. The cost of this type of investigation can exceed $100,000.

Your Costs Increase

After the breach or hack, you’ll need to make sure your system is better protected. This can mean better security software and systems. You may have to hire a dedicated IT security team. Your employees may all need to undergo security training. You should also look into insurance to protect yourself against other attacks.

Most importantly, if you are getting rid of old office equipment, make sure it’s recycled properly. This means destroying the data. Hiring a professional that’s an expert in data destruction and responsible e-recycling is essential.

You Lose Customer Trust

Fines and the new fees you take on are just a small part of the ripple effect following a data breach. It’s estimated that 65% of data breach victims no longer trust a business following a breach. If six out of ten clients decided they don’t trust you and moved to the competition, could your business survive that blow?

In surveys, about eight out of ten consumers admit they would no longer engage or have stopped engaging with a brand after a breach. Almost four out of ten admit they will not engage with a brand after a breach. This includes using an application, no longer providing personal information for storage, or even stopping shopping or supporting that brand.

Did the Equifax breach affect you at all? Most people were impacted by that. Even years later, do you hold a lot of trust in Equifax to really protect your information? Like many, you probably have other protective measures in place because you simply do not fully trust that company anymore.

You Risk Closing Down

About 60% of small businesses go bankrupt after a data breach. Loss of business during closures to repair the damage is costly. For some, that loss of revenue can be financially crippling.

Have you ever heard of Youbit? The South Korean cryptocurrency filed for bankruptcy back in 2017 after hackers stole 17% of the company’s assets in two attacks.

Codes Spaces was once a popular SaaS provider. Hackers got into their cloud control panel and erased a lot of data before demanding payment to restore the information. Code Spaces was unable to continue and shut down.

Your Reputation Takes a Hit

After a breach, 85% of consumers will tell others about their experience. Three out of ten will go to social media to complain about the brand or service that was breached. One out of five will leave reviews or commons directly on the retailer’s website or a review site like Google or Yelp.

Your IT Department May Not Have the Knowledge or Equipment for Proper Data Destruction

One of the biggest mistakes companies make is thinking that restoring electronics to factory settings wipes all data. It makes it harder to access, but it’s not completely destroyed. If that’s been your go-to plan for data destruction, it’s time to contact the professionals.

It’s imperative that you make sure data is destroyed before you sell or recycle any electronic devices. If you’re decommissioning a data center or consolidating offices, make sure you work with a data center service partner who will ensure your data is secure and offer you the traceability you need to prove you did everything possible.

ERI’s expertise is in ITAD, data destruction, on-site data eradication, and electronics recycling. We adhere to e-Stewards, ISO 9001, NAID, and R2 procedures. Clients can access real-time information on where their items are from the moment they leave the office to their destruction or final disposition.

When you work with ERI, we’ll help you remarket items that still have value, only after the data is destroyed following government or industry standards. We’ll recycle electronics you no longer need in a way that protects the environment. And, we’ll even destroy data on-site if you require that service. Contact us to discuss your data destruction and e-recycling needs.