Companies don’t have a choice about whether or not to have an enterprise security infrastructure in place. Guarding your company isn’t like deciding if you want to rent out a new floor for the business. It’s more like choosing if you want locks on the door. Sure, you could decide to simply leave the doors wide open, but that’s a situation that almost guarantees theft.
Still, many organizations out there fail to equate virtual security with physical security and in doing so they overlook the formidable threat posed by malicious authors. But if a company chooses not to prepare for the prospect of a cyberattack, then they must at least brace themselves for the penalties that follow. And those consequences can be steep.
Companies of All Kinds Subject to Fines Following Attacks
No matter the size of your business or the kind of work it does, the bottom line is the same: If you get attacked, prepare to pay the price. A relatively small hospital in Rhode Island is learning that lesson the hard way after suffering a breach that compromised data for thousands of people.
According to The Modesto Bee, Women and Infants Hospital has reached an agreement with Massachusetts Attorney General Martha Coakley to pay $150,000 after losing data for more than 12,000 residents in the state. The data loss happened in 2012 when staff at the hospital realized they’d accidentally lost some data from patients. Unfortunately the nature of the compromised information couldn’t have been more personal, as it included ultrasound images.
But the Women and Infants Hospital isn’t the only enterprise dealing with the consequences that follow a major breach. E-commerce titan eBay is also coping with the fallout of a security episode earlier this year and now the company faces a lawsuit from one of the affected parties.
According to ComputerWorld, Collin Green — a Louisiana resident who was among the millions of people impacted by an eBay data breach that happened in May — is filing a class action lawsuit against the business. His lawsuit states that eBay’s security shortcomings led to a situation in which thieves were able to access and steal information including addresses and passwords. Adding insult to injury, the company held off on informing those who were impacted by the breach, which Green’s complaint said was a move geared solely toward profit.
“eBay’s profit-driven decision to withhold the fact of its security lapse further damaged the class members who were prevented from immediately mitigating the damages from the theft,” the complaint said.
If Green wins his class action suit — which was filed not only on behalf of himself but also others who were impacted — eBay could be forced to pay more than $5 million.
In Addition to Monetary Consequences, Reputation of Two Businesses at Stake
The money that enterprises such as Women and Infants Hospital and eBay have to pay pales in comparison to the hit in reputation that the enterprises have taken. Whenever a company is breached, it can guarantee that the malicious incursion will make headlines for the foreseeable future.