Price of Stolen Data

What’s my Data Worth?

The Ponemon Institute reports that the cost of a single stolen record is over $200 to respond and recover. Fines related to HIPAA violations range from $100 per record to $50,000 per record for repeat offenders.

But how much is an individual record worth to the cyber criminal? While the value changes over time and depends on the quality of the personal information they steal, medical records lead with an estimated value of between $10 and $50 per record. Credit cards by comparison are worth only $1 per record.

  • Medical Records $50 per record
  • Credit Cards $1 per record

Even with these returns in the thousands of dollars, the theft of a few thousand records is well worth worth it to criminals. The costs to organizations are significantly larger. 

A small business with a few thousand records will spend tens of thousands of dollars just in the initial response to a breach and suffer effects long after.

The general public, our individual customers, and our employees are the consumers of privacy.   Their expectations are real and supported by law.

Businesses, non-profits, and government are the providers.  These organizations are guided by law, regulations, and standards which require steps be taken to secure data held in trust.  

The days of posting a privacy policy on a website claiming you take data security seriously while not meeting security standards are over.   Time after time when breaches occur, government and industry regulatory authorities find organizations failed to meet the standards they publicly claimed to implement.  

When those standards aren’t met, organizations lose private information.   When organizations lose private information, the losses can be devastating.

Working Security assists organizations of all sizes taking meaningful and measurable steps to improve the privacy protections they deliver for customers, members, and employees.    

We develop systems and methods that inform leaders of data privacy risks, identify and implement mitigation strategies, and measure success.