Are we as consumers becoming numb to data breaches occurring daily from Target to Hilton, the U.S. Social Security Administration and now Equifax where 143 million U.S. Consumers are potentially impacted? That is close to one-third of the entire country!
Equifax said it discovered the breach on July 29 and that “Criminals exploited a U.S. website application vulnerability to gain access to certain files.” But instead of informing impacted consumers in a timely manner, Equifax CFO John Gamble Jr., workforce solutions president Rodolfo Ploder and U.S. information solutions president Joseph Loughran sold more than $2 million in shares of the company according to SEC Filings and initially reported by Bloomberg News.
I just learned of the data breach via social networking site Nextdoor Neighbor where someone posted a CNBC story from last week about the data breach. What’s so astonishing is that research conducted by competitor Experian Data Breach Resolution and Ponemon Institute pegs the average loss of brand value after a cyber attack between $184 million to $332 million.
Personally, I have two different “free” credit monitoring services thanks to a Blue Cross Blue Shield data breach and another from one of my banks. I also was a victim of identity theft, or just plain carelessness by my utility supplier back in the year 2000. Either way, getting your credit report cleared up is a challenge and takes a long time. However, knowing there is an issue is the best defense and offense.
So why did Equifax not report the breach timely? What should companies do to prepare for a data breach?
If your organization has any personal information on employees, customers or consumers than it is at risk for a cyber-attack. The time to prepare a crisis communications plan to combat a cyber attack and protect brand reputation is now, not after the fact. According to a Forbes Insights: The Reputational Impact of IT Risk report, 46 percent of companies have experienced reputational damage and loss of brand value from data breaches.
Unfortunately, too many organizations think they are not susceptible to a cyber-attack, not big enough to be of interest, or that their IT Security is too good for hackers.
For those skeptics, and procrastinators, the time is now for planning. Years of good faith and trust in your organization can be shattered in minutes when personal information is compromised to hackers and criminal elements. How your organization responds makes all the difference.
If you’re interested in learning more about how to prepare a cyber security communications plan, contact the author or visit Kinetic Communications Marketing LLC on the web.