Guest post by Brett Meyers, senior business analyst and ECM product lead, The Gordon Flesch Company.
In the wake of the recent Ashley Madison hacking scandal, cyber breaches have become a hot-button issue. Poking fun at high-profile people caught in the midst of a scandal has nearly become a national pastime in recent years, but the hack itself is no laughing matter. After all, just six months ago, a data breach at Anthem, Inc. revealed as many as 80 million records had been exposed during what the company characterized as a “very sophisticated external cyber attack.” Certainly, no one was laughing then – not the millions of people whose birth dates, Social Security numbers, addresses and income information were exposed — and certainly not Anthem, which now faces dozens of class action lawsuits. The costs may include millions of dollars in damages and a major hit to the insurance company’s brand and reputation.
One lesson these two very different breaches brought home is that businesses of every type and size are vulnerable to cyber attacks and identity theft. If Anthem were the only health-related business to have been hacked, it would still be a disturbing event; but in fact, the U.S. Department of Health and Human Services maintains an entire website devoted to healthcare-related data breaches of 500 or more records. So far, there are more than 1,300 cases on file, with targets that include individual practices, university-based research facilities, public and private hospitals, and major insurance companies.
In 2012, the U.S. Department of Justice’s Bureau of Justice Statistics reported that 7 percent of the U.S. population 16 and older had been the victim of identity theft, and direct and indirect losses that year amounted to about $25 billion. That’s staggering. What’s even more alarming is that about one-third of those victims spent weeks or months trying to untangle the financial mess long after their information was stolen.
It’s easy to think the impact of identity theft is limited to financial implications, but the government report had one more startling bit of data revealing just how far-reaching the effects of a data breach can be on its victims. According to the data, “Victims who had personal information used to open a new account or for other fraudulent purposes were more likely than victims of existing account fraud to experience financial, credit and relationship problems and severe emotional distress.”