Each lost record cost firms £64 sterling in 2009; £69 for private sector, £59 for public organisations.
The 2009 Annual Study: UK Cost of a Data Breach report, compiled by the Ponemon Institute and sponsored by PGP Corporation, found that each lost customer record cost on average £64 sterling in 2009, a seven percent increase on 2008's figure of £60. In 2007 the cost per lost record stood at just £47. Lost business due to reduced consumer trust was the main contributor to this expense, making up £29 per record.
“This third annual study shows that the financial impact of data breaches is hitting UK organisations harder and harder each year,” said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute.
“In the commercial sector the costs associated with customer churn and attracting new customers are particularly acute, but our research suggests these firms are getting better at detection, remediation and customer communications. However, these efficiencies aren’t shared in the public sector, where the direct costs of a data breach are significantly higher. For example, the cost of notifying users that their records might have been compromised is more than four times higher for public organisations than for private firms.”
The report focuses on the cost of activities resulting from real-life data loss incidents occurring between May 2009 and January 2010. A total of 33 UK organisations – 25 from the private sector and eight from the public sector – participated in the research, revealing breach events of between 5,200 and 60,000 personally identifiable information records. These breaches cost between 365k pounds and 3.92 million pounds to manage, at an average of 1.68 million pounds.