Your employees gather personal information from customers, and your company stores this confidential information. Therefore, you are exposed to risk!
These violations have targeted confidential data of a personal and commercial nature, exposing companies, employees, business partners and their customers to potential risks.
All organizations are exposed to direct risks, such as the risk of fraud and data breach, but they are also indirectly exposed to legal and financial risks when they gather, store and use personal and confidential data.
Such an incident recently occurred in British Columbia, when cybercriminals compromised a company’s customer database. The customers and all individuals who completed online requests to obtain the services from the company received phishing e-mails. After a number of customers filed complaints, the company enlisted an investigator who identified the nature of the problem and the extent of the data breach.
The facts
Immediately after obtaining this confirmation, the company reported the incident to the Office of the Privacy Commissioner. However, the victims of the cyberattack were only notified much later. A class action was brought against the company. The plaintiffs claimed damages and referred to the findings of the Office of the Privacy Commissioner, which concluded that the company had not set up adequate security measures to protect personal and confidential data gathered from customers.
The solutions
According to specialists from the Ponemon Institute, businesses should take measures to maintain the trust of their customers in order to reduce long-term financial impacts.
To manage the incident and safeguard its own interests, a company that suffers a data breach must implement numerous measures, such as hiring experts and lawyers, protecting the identity of the victims and acquiring new security solutions. Companies must also face potential indirect losses and expenses such as the loss of existing and prospective customers and harm to their reputation due to media exposure, among others.
Research by the Ponemon Institute reveals that the bad press surrounding a data breach can have negative consequences for revenue. It can also generate abnormally high service cancellation rates and have a negative impact on the acquisition of new customers.
It is important to keep in mind that the risks incurred can carry heavy consequences. A serious violation could even lead a company to bankruptcy!