The average cost of a data breach for a U.S.-based company or organization was approximately $202 per record compromised last year, according to a new report by the Ponemon Institute LLC, a privacy and information-management research firm. That is 11% more than the $182 per record in 2006, according to Traverse City, Mich.-based Ponemon. A group of 43 companies known to have experienced data breaches participated in the study by completing surveys about their breaches. Eight of the participants were in financial services, and seven were in retail. The average total cost per breach was more than $6.6 million last year, up 40.4% from $4.7 million in 2006. Negligence by company insiders led to 88% of breaches among the participants in the 2008 survey, leaving only 12% of breaches resulting from malicious attacks. The most-common type of insider negligence incident reported was loss of laptops containing sensitive data, representing 35% of breach incidents. System failures were next at 33%. Lost backup media accounted for 5% of breaches reported, as did cybercrime or system hacking.

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry