The Cost of a Data Breach Rises

While no one needs yet another incentive to avoid data breaches, here's one anyway: the cost of a data breach is on the rise, showing a 23 percent spike over the past two years, according to a survey conducted by Ponemon Institute and sponsored by IBM. In fact, the average total cost of a data breach increased from $3.52 million in 2013 to $3.79 million in 2015.

The average cost paid for each lost or stolen record containing sensitive and confidential information increased 6 percent in one year, from $145 per record in 2014 to $154 per record in this year's study.

Get LifeLock protection now.

The Ponemon Institute surveyed 350 companies in 11 countries, and all of the respondents have experienced a data breach at some point, ranging from 2,200 compromised records to more than 100,000.

The survey also highlights three major factors that affect the rising financial consequences of a data breach.

For starters, cyber attacks have increased in both frequency and in the cost required to address the consequences. In 2014, for example, 42 percent of data breaches occurred as a result of malicious or criminal attacks and cost an estimated $159 per compromised record. This year, 47 percent of data breaches were due to malicious or criminal attacks and cost $170 per compromised record.

Second, business costs for data loss are on the rise. This price tag increased from $1.33 million last year to $1.57 million this year. This cost involves many factors such as abnormal customer turnover, increased customer acquisition activities, reputation losses and diminished goodwill.

Finally, data breach costs associated with detection and escalation have also increased. These costs include forensic and investigative activities, assessment and audit services and crisis team management. This total average cost increased from $.76 million last year to $.99 million in 2015.

The survey also revealed some interesting findings, such as the fact that data breaches cost the most in the U.S. and Germany, but are lowest in Brazil and India. In the U.S., for example, the average per capita cost of a data breach is $217 and the average total organizational cost is $6.5 million.

In addition, the cost of a data breach varies by industry. In healthcare, the cost of a data breach can reach as high as $363 per lost or stolen record. In comparison, industries such as transportation and the public sector reach prices of $121 and $68 per stolen record, respectively.

Furthermore, the study validated that hackers and criminal insiders are causing the majority of data breaches, at 47 percent of all breaches. While it costs $170 per stolen record in these types of breaches, other breaches can cost less. For example, system glitches typically cost $142 per record and human error or negligence costs $134 per record.

The survey shares some ways to help reduce costs in the future. For example, reacting quickly to data breaches can help reduce costs. In addition, business continuity management can reduce the damage by an average of $7.10 per compromised record.

4 Million Members and Counting


"I almost lost my job because someone used my driver’s license and received 8 violations."
- Casey S.


"All of my personal information, even my social security card, was taken."- Jamie A.

It only takes minutes to sign up.

Start Your Membership