Target takes $162m hit from cyber attack data breach by Dan Worth
Target has revealed that the cost of the cyber attack on its systems in 2013 that led to the theft of millions of customers' credit card details has reached $162m.
The retailer revealed the figure during its 2014 full-year earnings report, explaining that the amount would have been higher had it not recovered some of the money through insurance payouts.
“[Target] incurred breach-related expenses of $4m in fourth quarter 2014 and full-year net expense of $145m, which reflects $191m of gross expense partially offset by the recognition of a $46m insurance receivable,” the company said.
“Fourth quarter and full-year 2013 net expense related to the data breach was $17m, reflecting $61m of gross expense partially offset by the recognition of a $44m insurance receivable.”
The figure of $162m, taken from the $145m and $17m, is unlikely to be the end of the matter as Target seems likely to receive a legal challenge from customers and banks unhappy about the breach.
The cost so far underlines the risk to businesses of data breaches, both financially and by affecting consumer trust in a brand that handles personal information.
Hackers have been found selling Target customers’ credit card data in Eastern Europe since the breach, and the firm’s CIO and CEO have both left the company.
High-profile data breaches are becoming increasingly common as hackers seek ever bigger targets to increase their returns.
Perhaps the biggest incident was the Sony attack of late 2014. This was a different type of attack, however, as the intention was to cause widespread disruption rather than steal financial information.
Gartner said that the Sony attack has made other firms recognise the risk of a cyber attack with the sole aim of disruption, and expects 40 percent of companies to have policies in place to deal with this by 2018.