Whether it is for profit, protest or just for a challenge, computer hacking is an infamous pastime for those with a talent for technology. A corporation that is the victim of hacking will likely shell out millions of dollars to remedy the situation. A report by the Ponemon Institute stated that the expenditures come in the form of detection, remediation, fines and litigation, mandated disclosures and post-event security improvements. Companies must also deal with the damage that a hack does to the integrity of their brand. In addition, security hacks place a burden on credit unions and banks that have to notify customers and reissue compromised cards.
TUTORIAL: Credit Cards: Pros And Cons
The recent security breach of Sony's PlayStation network has been a financial and PR nightmare for the corporation. Hackers gained access to personal information such as names, birth dates, emails, passwords and user names of 77 million network users. The network was offline for two months following the massive hack.
Customers were afraid that the hackers would use the data to commit identity theft or to login to other online accounts for which they used the same user names and passwords. (To maximize the sales potential of any business, a public relations program should be part of the master marketing plan. For more, see Public Relations: Offering Businesses A Competitive Advantage.)
Sony relaunched their Sony PlayStation network June 1, 2011. As an apology to its users, Sony offered free games, movies and other extras. Unfortunately, the company didn't have much time to celebrate the website's return. On that same day, it was discovered that the Sony Pictures website had been hacked by a group called LulzSec. The group bragged about how easy it was to access a million user names and passwords in the system, calling Sony's security "disgraceful" and "insecure." The House Energy and Commerce Committee launched an investigation into Sony's data security. They criticized Sony for waiting a week before they confirmed the PlayStation hack to the public.
Sony executives estimate that the hack will cost the company $170 million.
TJX Company, Inc.
The hack on the company that owns discount stores T.J. Maxx, Marshalls and Homesense was a turning point for security legislation. In 2007, TJX Company, Inc. announced that more than 45 million customer records including names and credit card data were stolen by cyber criminals. Their databases had been vulnerable for more than a year before the breach was discovered. The company spent $250 million dollars to deal with the aftermath of the security breach including lawsuits stemming from the incident.
Heartland Payment Systems
This credit card payment processing company holds the distinction of being the victim of the biggest credit card hack of all time. In 2009, the company told the public that their computer systems were hacked compromising the information of 175,000 merchants. In 2010, Heartland agreed to pay $41.4 million to MasterCard issuers to settle claims. (For related reading on credit cards, see Prepaid "Credit" Cards: Convenience At A Cost.)
Hannaford Bros. Co.
The supermarket chain made serious updates to its security measures after 4.2 million credit and debit card numbers were stolen from its IT systems in 2008.
The attack happened after malware was installed on the company's servers. The company spent millions of dollars on "military and industrial strength" security controls. They enlisted the services of IBM, Microsoft, Cisco Systems, Inc. and General Dynamics to secure their network.
A class action lawsuit was filed against the grocer on behalf of its customers. The lawsuit charged the company with negligence.
TUTORIAL: Credit Card: Terms Of Agreement
Computer hackers had a field day with this Atlanta-based credit card transaction processor in 2005. Forty million credit card numbers were stolen after a malicious code was put onto the company's computers. It was later found that the company never encrypted customer's personal data, making it easy for the data to be stolen. The hack was very detrimental to the company; Visa, American Express and Mastercard cancelled their contract with CardSystems. The company was eventually sold to Pay by Touch, but that company shut down in 2008.
(For related reading, see How Credit Cards Affect Your Credit Rating.)
The Bottom Line
A hack not only costs a company money, but also its reputation and the trust of its customers. It can take years and millions of dollars to repair the damage that a single computer hack inflicts.