
December 19, 2005

More on the high cost of lost customer data

A while back I posted an article on what it actually costs companies that suffer customer data loss. Even I was amazed at the cost of $140.00 per customer. When some of these data losses involve hundreds of thousands, if not millions, of names, the numbers add up pretty quickly! Now the FTC has published a settlement it reached with DSW Shoe Warehouse. For those who don't remember, DSW had a security breach in which roughly 1.4 million credit/debit cards, and about 96,000 checking accounts and driver's license numbers, were pilfered. In this case at least some of the people whose information was stolen suffered losses as a result. The FTC filed a complaint against DSW regarding this event, alleging that they:

  • created unnecessary risks to sensitive information by storing it in multiple files when it no longer had a business need to keep the information;
  • failed to use readily available security measures to limit access to its computer networks through wireless access points on the networks;
  • stored the information in unencrypted files that could be easily accessed using a commonly known user ID and password;
  • failed to limit sufficiently the ability of computers on one in-store network to connect to computers on other in-store and corporate networks; and
  • failed to employ sufficient measures to detect unauthorized access.

Without admitting any guilt, DSW and the FTC have agreed to a settlement that I believe is similar to an earlier settlement that the FTC reached with BJ's Wholesale Club. The terms of the settlement, according to the press release: "... requires DSW to establish and maintain a comprehensive information security program that includes administrative, technical, and physical safeguards. The settlement also requires DSW to obtain, every two years for the next 20 years, an audit from a qualified, independent, third-party professional to assure that its security program meets the standards of the order. DSW also will be subject to standard record keeping and reporting provisions to allow the FTC to monitor compliance." As a result of this occurrence, DSW has set aside between 6.5 and 9.5 million dollars to pay for it. How much lost business and bad publicity this has rained down on them is a different matter.

No doubt about it, data loss is an expensive business. As the old saying goes, "an ounce of prevention is worth a pound of cure!"

    This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.