News

05:23 PM
Jonathan Camhi
Jonathan Camhi
Slideshows
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

Breaking Down the Impact of the Target Breach

The payments, banking and retail industries are still experiencing the fallout of the major data breach that hit Target last year. We take a look at the numbers behind the breach’s repercussions for banks, hackers and consumers.
Previous
2 of 5
Next


17.2 Million - U.S. banks and credit unions have reissued 17.2 million debit and credit cards as a result of the breach, at an estimated cost of $172 million, according to the Consumer Bankers’ Association.

$30 Million - Credit Unions have so far shouldered $30 million in costs as a result of the breach, according to the National Association of Federal Credit Unions. The association has estimated the the average cost among its member credit unions at $45,000.

4.8-7.2 Million - One recent analysis indicated that anywhere from 4.8 million to 7.2 million out of the 40 million cards stolen in the breach could experience fraudulent activity.

 

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Previous
2 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
3/27/2014 | 7:14:50 PM
re: Breaking Down the Impact of the Target Breach
Yes, you are 100% correct about this. Banks looks at fraud as a cost of doing business. Right now, they can absorb the losses and it is a cost of doing business.

To actually address the security loopholes sometimes costs even more than they are losing to fraud, so they live with the imperfect security framework.
Alton Franklin
50%
50%
Alton Franklin,
User Rank: Apprentice
3/26/2014 | 6:37:15 PM
re: Breaking Down the Impact of the Target Breach
Hey, Jonathan!
Speak of the devil.... ;-)
http://www.networkworld.com/ne...
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
2/24/2014 | 4:35:57 PM
re: Breaking Down the Impact of the Target Breach
I think making organizations pay some form of compensation if they were negligent in the case of a security breach definitely makes sense, and would be a huge driver for change. The problem right now is defining what is actually "negligent." So many organizations, particularly in other industries besides banking, don't have the necessary cyber security measures in place. We could really use a federal standard for handling data breaches that addresses this issue, and a number of people have called for one after the Target breach. Right now we have a bunch of different state laws that sometimes conflict with another. If we have a standard that everyone can be measured against to determine when negligence has taken place, I think we would see some really fast change in this space.
Alton Franklin
50%
50%
Alton Franklin,
User Rank: Apprentice
2/18/2014 | 8:01:55 PM
re: Breaking Down the Impact of the Target Breach
Good point! Brand impact does seem to gather almost as much attention as what I believe making the impact personal would. I believe that stems from the potentially significant personal impact that oftimes follows significant brand impact. Basically, it's like, "Grab 'em by the wallet and their hearts and minds will follow...". What I'd really like to see, though, is the opposite side of that coin. That is to say, some type of indemnification for parties that disclose AND ADDRESS security "events" and "issues". What are your thoughts along those lines?
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
2/18/2014 | 7:52:00 PM
re: Breaking Down the Impact of the Target Breach
Well we saw some of the bigger banks start to work together more closely with law enforcement after the DDoS attacks last year. That is something new. And the reputational harm that could come from a data breach or cyber attack does go beyond simple financial consequences. I think that is what caused some action after the DDoS attacks.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
2/18/2014 | 7:50:20 PM
re: Breaking Down the Impact of the Target Breach
You're right about banks in the past regarding fraud as sometimes being part of the cost of doing business. And you're right again in suspecting that that is changing as a result of the frequency and size of the data breaches that have been occurring lately. It's already getting bigger attention as a result of the DDoS attacks last year against banks. The key is that now the breaches and sums of money involved are getting bigger, which makes for bigger headlines. And the bigger the headlines, the more it affects the reputation of the bank, which is where it goes beyond the simple cost of doing business. None of the banks want to lose customers because they were hit by a huge data breach that got them on the cover of the New York Times.
Alton Franklin
50%
50%
Alton Franklin,
User Rank: Apprentice
2/17/2014 | 7:17:58 PM
re: Breaking Down the Impact of the Target Breach
No offense intended, but I've heard this song way too many times before.... "Given the latest breaches at < fill in the name >, < fill in the name >, < fill in the name >, < etc. >, < etc. >, < etc. > "they" will have to start paying more attention, providing more support, solving world hunger, creating world peace, curing cancer/heart disease/ADD/ADHD..." Realistically, as long as it's confined to mere financial consequences (never mind what goes for "mere"), there will be minimal adjustments - that is, no real change... I doubt it will ever happen in my lifetime; but, make it personal for the responsible parties - the ones actually signing off on currently quite obviously deficient security conditions and overall security postures - ( with jail time, unrecompensable financial penalties, public flogging, etc.) and you may - I say MAY - actually see some relevant and effective changes.... Until then.... Happy trails to you... :-)
SRG2
50%
50%
SRG2,
User Rank: Apprentice
2/15/2014 | 7:25:10 PM
re: Breaking Down the Impact of the Target Breach
As an IT Security professional, I have had the impression (possibly erroneous) that at least some members of the US banking community have not been overly concerned with IT Security - as long as the cost of the IT Security breach is minimal. The cost of IT Security breaches has, in the past, perhaps somewhat viewed as a "cost of doing business". Please note I am not privy to any information in this regard. This is just my personal impression as an "outsider looking in". However, I do believe that now, given the size, impact, and number of recent IT Security breaches - this issue will be receiving increased attention and support. This solely reflects my personal opinion at this time - and is subject to change based on new information. Thank You.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Slideshows
Video