Worlddata breach, data breach cost, data breach total cost, data breach records, data breach average, data breach average cost
May 28, 2015 10:30 AM EDT
Data breaches are costing companies more money than ever before, with the average damage for each one now being estimated at around $3.8 million.
The research, done by the Ponemon Institute and financed by International Business Machines Corp., revealed that data breaches, particularly those targeting medical and financial records, became more costly even after just one year, according to Reuters.
The $3.8 million figure is up from $3.5 million just the year before. The 2015 number is also up 23 percent from where it was back in 2013.
The study used information supplied by 350 companies from 11 different countries.
If the consolidated total for what it takes to address a data breach seems high, it is mainly because fixing one takes more financial might and manpower than what people might have previously believed. That $3.8 million figure includes the cost of bringing in people to simply fix what the breach damaged, and then there's the additional costs that come from having to provide new services such as setting up hotlines for affected individuals.
Another factor leading to why the average cost of a data breach is so high is because companies also lose business because of it, with some clients even discouraged from returning due to what happened. Data breaches have also become increasingly common, leading to even more lost profits.
Aside from the average cost of each data breach rising, the average cost of each compromised record also went up to $154, according to NBC News. The type of compromised record also factors into how much it may cost to fix. Healthcare records are the most expensive at $363 on average, while educational records also cost a pretty penny at $300.
47% of the data breaches were caused by criminal attacks, according to Net Security. System glitches account for 29% of the data breaches, while the figure drops to 25% for human errors.
Data breaches caused by malicious attacks usually take around 256 days to even be identified, while human error breaches take about 158 days.