Maine’s Bureau of Financial Institutions, a division of the Department of Professional and Financial Regulation, conducted the survey at the direction of the state legislature that revealed the costs of Maine’s banks and credit unions when responding to breaches…
“Maine Data Breach Study Pursuant to Resolve 2007, Chapter 152”
A few of the interesting findings…
- 95% of the 75 responding financial institutions (50 credit unions and 25 banks), were affected by one or more of 20 data breaches identified in the survey.
- The cost of investigating all of the data breach incidents was $269,900 or 12.6% of total breach response costs in all categories.
- Providing notice to individuals of all of the data breaches cost respondents a total of $304,500 or 14.2% of total breach response costs.
- Reissuing credit and debit cards to affected customers cost nearly $1.2 million, representing 54.3% of the total breach response costs.
- Undefined “other” costs totalled $68,800 or 3.2% of total costs for the survey respondents.
- The total cost of covering fraudulent purchases and transfers was $336,100, or 15.7% of total breach response costs.
- A little over one third (25) of the institutions that reported breaches reported unauthorized or fraudulent transfers as a result of the breaches.
Tags: awareness and training, Information Security, IT compliance, IT training, Maine, policies and procedures, privacy breach, privacy breach study, privacy training, risk management, security training