« Back to Blog
Does Target's $10 million settlement create a precedent for other businesses?
Around two years after retailing giant Target Corp suffered a data breach that compromised the personal and financial information of around 70 million customers, the company is feeling the consequences. The United States District Court for the District of Minnesota and presiding Judge Paul Magnuson approved a $10 million settlement proposed by the company. The move could award victims up to $10,000 if they provide forms and documentation of losses.
The question now: does Target's consumer privacy suit settlement set a precedent for other businesses that don't enforce sufficient cyber security procedures? And how will this industry news influence small organizations as well as larger businesses?
Putting data breaches into perspective
That $10 million fund for victims is just the tip of the iceberg in terms of what Target is paying for the scandal in total. Marketplace has already noted that the retail chain has already paid over $100 million in additional security measures and legal fees. Still, in regard to how many people the breach could have affected, $10 million is a relatively low payout, answering why Target may have been so eager to settle on such a sum.
"Home Depot could pay around $10 billion by 2020 for data breaches."
Now that a bar has been set for a class action lawsuit related to data theft, there's good reason to believe other companies or courts will point to this case in the future for similar settlements. Target has, more or less, established a going rate for companies paying victims of cyber security breaches - something that will likely be used as a frame of reference in negotiations.
Companies like Home Depot, which reported that a data breach last year gave hackers around 53 million email addresses, may use Target's past to shoot for similar settlements. Forbes recently noted that the incident exposed information for roughly 56 million credit and debit cards.
The smaller the settlement, the better. A $10 million offer would be just a drop in the bucket compared to what some analysts believe Home Depot will lose in total over the long term. Estimates by Forbes' Great Speculations Contributor Group state that Home Depot will likely pay somewhere around $10 billion by 2020 for investigation, remediation, notification to individuals, identity theft repair, credit monitoring, regulatory fines, disruptions in normal business operations, lost business and related lawsuits.
Affecting businesses big and small
Billions in costs isn't the norm. Then again, home improvement powerhouses aren't the only organizations reeling over data breaches. The 2014 Cost of Data Breach Study: Global Analysis, completed by Ponemon Institute and sponsored by IBM, showed that companies around the world are suffering from increasingly common data breaches. Business research shows that the costs incurred from these cyber attacks is growing in every nation except Germany as well.
What's more, the greatest loss for businesses doesn't come from settlements or increasing security efforts - it comes from damage to a company's reputation and a loss of customer loyalty. The study reported that the average cost per data breach per company was around $3.5 million, 15 percent greater than costs from 2013. Overall, this is causing some companies to call for much higher investments in cyber security. Research suggested that the average respondent wanted security investments doubled from an average of $7 million to an average of $14 million.
That may make sense for medium-sized businesses, as the report also noted that risks have grown in number. Global companies estimate they will handle 17 malicious codes, 12 sustained probes and 10 unauthorized access incidents on a monthly basis moving forward.
Like what you read? Great. Our blog is packed with FREE b2b content and meaningful research data aimed to help business professionals . It's free to join, all you have to do is enter a few details below.
« Back to Blog