A stolen password, a lost laptop, that’s all it takes to leave your business – no matter how big or small – vulnerable to cyber liability.
A small accounting firm in Connecticut learned this all too well in 2013. Lyons & Lyons, a firm comprised of five accountants in Ridgefield, CT, suffered a data breach that potentially affected up to 900 of its clients. According to a report by The Ridgefield Press, the breach was serious enough to involve the Secret Service and IRS in the subsequent criminal investigation.
Notably, in this case:
- A hacker seems to have gained access to old tax returns through the firm’s computer system. If you’ve ever done your taxes, you know the kind of information found on these documents: names, addresses, social security number, income, etc. In other words, a goldmine for identify thieves.
- The suspect at the time of the report was said to have been neither a former employee nor a former client, meaning the breach was from an entirely exterior threat.
No specifics could be found about how the hacker gained access, so we can only guess, but it’s worth considering CIO.com’s point that most data breaches can ultimately be traced to human error.
The Cost of a Data Breach
So how expensive was this ordeal for the firm?
Typically, the immediate cost of recovering from a breach depends on the size, or the number of people affected, and will include…
- Applicable state fines.
- Paying for credit monitoring services.
- Notifying affected individuals.
- Repairing your system’s security.
However, it can be difficult to measure the long-term cost of a breach when you include reputational factors and client loyalty.
In this instance, the company reported that they arranged for clients to receive free identity theft protection and set up credit monitoring services. They will have also naturally required an update and strengthening of their computer system as well. All of this can’t be cheap.
Luckily, Connecticut state law wouldn’t have required them to necessarily pay fines for the breach, according to Techinsurance.com. But it does require them to notify affected parties. Other states may mandate fines for the number of customers affected, quickly driving up the cost even higher.
Covering this Cost with Insurance
When events like this happen to businesses such as Lyon & Lyons, the related costs can be a surprising and burdensome shock. Far from having the financial reserves that national corporations might, small businesses are left without much help when dealing with data breach aftermath.
But that’s why there’s Cyber Liability Insurance. This policy may help cover all the costs listed above and even allow your business to begin a marketing campaign to repair your image. It may provide crucial financial backing for when you’re the victim of a hack or data breach and don’t know where to turn.