The True & Unexpected Costs of Being Hacked

by

There are the normal costs everyone associates with a breach, like getting your own server and computers fixed up, with maybe a little downtime. But really, most businesses view the possibility of getting hacked as more of an inconvenience than a bottom-line cost. For those who’ve come out the other side though, it’s a very different story. They know the hidden and ongoing costs of a data breach can be crippling, and that IT security exists to protect your business on multiple levels. All those surprise costs that spiral out of control are why most businesses close after a cyber-attack. Here are a few of the hard, but common realities of life after a hack.

Raiding the budget to reduce downtime

From the moment a cyber-attack gets into your system, things get expensive, and the longer the attack goes, the more it costs. Latest stats reveal most breaches aren’t identified for around 191 days, then it can take on average another 66 days to contain the damage. During this time you’re cleaning PCs, mobile devices, laptops, servers and even entire networks. Add to this the fee for experts to fix everything up, all the new tools and software they insist you have, and all the hours/days/weeks when your business is struggling with downtime, you’ll exhaust your emergency funds very quickly.

The long arm of the law

Depending on what data was stolen and how you handled the situation, you could be liable for fines into the millions. Having any medical data or legal files leak is a particularly messy scenario with fines coming from multiple sources. In any case, new privacy laws mean businesses are liable for massive fines if they don’t disclose a data breach, even if only email addresses were stolen. Where this gets even trickier is that the burden is on your business to know exactly what data has been stolen/illegally accessed, so you can report it before the fines stack up. This means that even if you were able to fix up the systems yourself, you still need to hire an expert who can identify exactly what the hackers took, from where and when.

Customer retention measures

In a double-down crush to your bottom line, not only does your business have to bear the cost of the hack, your future income takes a hit as customers lose trust and leave. To offset this, many businesses need to engage PR experts, spend more on advertising, and go all out to ensure they survive to fight another day. Even so, your breach disclosure will still come up in search results for many years. The more negative publicity your breach attracts, the more you’ll need to spend on customer retention.

All your secrets exposed

While you may not have Pentagon level secrets to protect, your business does have information that you’d like to keep to yourself. Hackers love going after those juicy tidbits, and the more closely you guard them, the more attractive they are. Think Coca Cola recipe, Big Mac Secret Sauce or 11 Herbs & Spices…While those corporations would be big enough to keep their competitive edge after the breach, your business success relies on at least some information staying secret. It may not be a secret recipe, but your proprietary methods and databases have a black-market value all of their own.

But simply avoiding a breach doesn’t cost much at all…

The thing is, it’s not expensive to stay on top of it all and keep your business protected. That means no need to raid other department budgets in a panic, pay crippling fines, make embarrassing public announcements, or fight to retain your competitive edge.

We can help with making sure your systems have the latest security patches and your anti-virus knows the latest tricks to watch for. Our technicians can build a virtual fortress around your business that keeps the bad guys out while letting you thrive, and even monitor security with early warning systems. Whatever your needs are, both now and moving ahead, we’re here to help keep you safe while keeping your IT costs low.

Updated Information about the Equifax Financial Data Breach

by

As you have probably heard by now, credit reporting company Equifax revealed last week that its databases were hacked in a large-scale breach affecting millions across the US, UK & Canada. While no hacking event is ever good news, some are easier to ignore than others – this isn’t one of them. The sensitive nature of the exposed data now requires immediate action for all those even possibly affected.

The short version: Equifax is one of the three main organizations in the US that manages & calculates credit scores. To do that effectively, they have access to almost every piece of financial data for adults in the country, plus pretty much anyone who’s lived/worked in the US. We’re talking social security, tax file numbers, drivers’ license, credit card numbers…the important stuff. On September 7th, Equifax disclosed the breach, stating that hackers had repeatedly gotten in through a vulnerability in the web application from mid-May to July of this year. Since then, there has been a lot of conflicting information floating around the internet. I have gone through and tried to decifer the best course of action to recommend…

The best action now is to protect yourself against fallout:

  1. Go to: http://www.equifaxsecurity2017.com (dead link) to see if your data may have been affected. There was some news that this site was delivering random results, but Equifax announced it has been corrected. I have tested it myself and it seemed to be working now. That being said, it’s safest to assume everyone with a credit history has been impacted.
  2. Claim the Equifax free year of credit monitoring & identity theft insurance (if you’re a US resident). If you’re not eligible, consider sourcing your own. As the hacked data will continue to circulate for some time, consider extending your credit monitoring for a few more years.If you are wary of trusting Equifax with protecting your credit (They dont have a very good track record at this point!), you can instead look at services such as Lifelock to freeze and monitor your credit reports.
  3. Keep a close eye on your finances and accounts. Check for notifications of new credit applications, monitor your statements and bills, and immediately report any suspicious activity or sudden change in billing.
  4. Change all your passwords to be strong, unique and long (you should be doing this anyway!). Now that the hackers have your passwords from the Equifax site, the stolen data may give hackers a free pass into the rest of your bank accounts, email and personal information.
  5. Add two-factor authentication where possible. This is when an account demands a second layer of authentication before allowing access or changes, like a 6 digit code texted to your phone in order to log in. Even if a hacker has your password, they would need to also have your phone in order to get logged in.
  6. Finally, and probably the MOST EFFECTIVE mitigation for this issue…Consider freezing your credit report. Check out a very nicely written article HERE about how to do this. Freezing your report makes it harder for identity thieves to open accounts under your name, as access is completely restricted until you choose to un-freeze. You will have to unfreeze your reports if you ever wanted to get a loan or similar, but how often do you really do that?

Click to see our BBB Report

FOLLOW US

VISIT US

Privacy Policy