We have written recently about the Equifax data breach where the records of 143 million Americans were accessed from the secure database of credit reporting agency Equifax Inc (Equifax). Equifax recently lodged its third quarter results with the Securities and Exchange Commission, and in their official announcement they indicated that the costs incurred in that third quarter for the cybersecurity incident were US$87.5 million. Click here for our previous article.
That amount was broken down into product cost ($55.5 million), professional fees ($17.1 million) and consumer support ($14.9 million). Clearly indirect costs were not covered in this calculation. They have also recorded a contingent liability for additional expenses which they have estimated between $56 and $110 million dollars.
While the US has a much larger population than Australia and the Equifax breach covered approximately 50 per cent of the population, even if a breach were one-tenth the size, the immediate costs and the projected future costs indicate that in addition to regulatory action and fines, and potential loss of business, a data breach can be a very expensive problem to remedy.
At Holding Redlich we can assist Australian businesses preparing for the mandatory data breach regime in 2018. Being prepared and having an incident response plan can ensure costs are minimised.
Author: Lyn Nicholson
* On 30 November 2017, we will be delivering a seminar 'Key issues in data protection and privacy' in our Brisbane office. Please click here for more information and to RSVP.
Lyn Nicholson, General Counsel
T: +61 2 8083 0463
Trent Taylor, Partner
T: +61 7 3135 0668
Dan Pearce, Partner
T: +61 3 9321 9840
The information in this publication is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, we do not guarantee that the information in this publication is accurate at the date it is received or that it will continue to be accurate in the future. We are not responsible for the information of any source to which a link is provided or reference is made and exclude all liability in connection with use of these sources.