Cost to US Companies of Data Breach Totals $7 Million

Print Email

The cost to a U.S. company of a single lost or stolen digital record containing sensitive or confidential information reached $221 this year, up 2% year over year. The average total cost to a company from a data breach rose 7% to $7.01 million.

On average, a single breach involved nearly 30,000 records, in a range of 5,125 to 101,520.

The research was conducted by the Ponemon Institute and was sponsored by IBM. The data are based on information from 64 U.S. companies, and most of the breaches reported in this year’s study occurred in 2015. The study did not include breaches involving more than 100,000 records because “they are not indicative of data breaches incurred by most organizations” and would have artificially skewed the results.

The Ponemon/IBM study also looked at the cost of data breaches globally. A total of 383 companies from 12 countries (including the 64 U.S.-based companies) participated. The global average cost of a data breach rose to $4 million, and the average cost for each lost or stolen record reached $158.

While the cost of a single record’s loss or theft is highest in the United States ($221), Germany ($213) and Canada ($211) are not far behind. The year-over-year increase in the cost of losing a record was $22 in Canada and Belize, the largest increase among the 12 countries included in the study. Costs dropped slightly in the United Kingdom (from $163 to $159) and Australia (from $133 to $131).

The total average cost of a data breach was highest in the United States at $7.01 million. In Germany, the total reached $5.01 million, just ahead of Canada with $4.98 million. France (total cost of $4.72 million) and the Arabian cluster of Saudi Arabia and the UAE ($4.61 million) round out the top five.

The 2016 reports are available at the IBM Security website.

I'm interested in the Newsletter