Most business owners imagine that a data breach can be costly, but few ever consider that a data breach could cost them their business. Even if a breach is only suspected, a security audit could still result in your company having to cease operations for days, or even weeks, and according to the US National Archives and Records of Administration, 93% of all businesses that lose access to mission critical data and infrastructure for ten days or more file for bankruptcy within a year, and half file for bankruptcy immediately.
Even large companies are susceptible to these risks, and these four are particularly infamous in the business security world.
1) CardSystems Solutions
In mid-2005, CardSystems Solutions, a credit card processor whose clients included Visa and American express, revealed that more than 40 million credit card numbers had been exposed to hackers. It was the worst data breach in history at the time, and the resulting audit revealed that CardSystems had been illegally storing data in unencrypted form on their vulnerable networks. Visa and American Express were quick to drop CardSystems as a processor, and the company was acquired by Pay by Touch by the end of the year.
2) DigitNotar
DigiNotar was a certificate authority, and was seized by the Dutch government in late 2011 after it was revealed that DigiNotar had been issuing forged security certificates following a breach. Because security certificates are one of the building blocks of trusted access on the Internet, this breach had far reaching implications for the general public, compromising secure interactions with companies including Google, Microsoft, and a number of others. By the end of September 2011, DigiNotar was declared bankrupt.
3) Impairment Resources LLC
The bankruptcy of Impairment Resources LLC is a stern reminder that it’s not just electronic infrastructure that needs to be protected from would-be hackers. On New Year’s Eve in 2011, burglars broke in to Impairment Resources’ San Diego Headquarters and stole hard drives containing the medical data, including social security numbers and home addresses, of about 14,000 people. The thieves were never caught, and the cost of addressing the security breach far outstripped Impairment Solutions’ capital: the company filed for bankruptcy in March of 2012.
4) Nortel Networks Ltd.
The data breach and resulting bankruptcy of Nortel Networks Ltd might be the most infamous in history owing to the legacy of a company that had, at one time, been one of the giants of the telecommunications industry. Chinese hackers, using passwords obtained from top executives at Nortel, illegally accessed Nortel’s networks for over a decade before the breach was finally discovered. These hackers planted spyware so deeply in Nortel’s networks, it took investigators years to determine the extent of the intrusion. Since Nortel manufactured the hardware that serves as the center of many corporate networks, and their audit never included the investigation of software systems in these products, there may be no way of knowing how far-reaching the Nortel breach is. Nortel filed for bankruptcy in 2009.
Given the relatively low cost of encryption and authentication solutions, data breaches like this need never have bankrupted their companies. A modest investment in security infrastructure can go a long way to ensuring your company never experiences a significant data breach.