Data breaches suffered by UK organisations could cost as much as 2 million per incident, a study of real world incidents has discovered.
The average cost per compromised record has increased to 86, up from 79 in 2011. Cost per compromised record was 47 in 2005, according to the Cost of Data Breach Study, carried out by the Ponemon Institute.
More than a third of UK data breaches involve negligent employees or contractors.
The average incident now costs firms 2.04 million each, increasing from 1.75 million last year. The study looked at 38 reported incidents. These ranged in size from 3,500 records breached to just over 70,000 records, with the average incident size being 23,000.
"While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious," said Larry Ponemon, chairman of the research firm. "Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22% since the first survey."
The study looked at the direct and indirect costs incurred by 277 companies in the US, UK, Germany, France, Australia, Italy, Japan and Brazil after the loss or theft of protected personal data.
The report, commissioned by IT security firm Symantec, found that while negligence is the main cause of data breach, 37 per cent of data breaches involved negligent employees or contractors, while malicious or criminal attacks have grew slightly from 31 to 34 per cent of data breaches, making this the most expensive type of breach at 102 per compromised record.
"With more than a third of UK data breaches involving negligent employees or contractors the human factor' is still the weakest link, and so training and awareness should be a priority from the offset," said Mike Smart, product and solutions manager at Symantec.
"But here in the UK it seems that malicious attacks are becoming nearly as big a problem. Not only have more data breaches been down to malicious attacks, but when it does happen, it is far more costly."
-
A threat to Google’s dominance? The AI browser wars have begun – here are the top contenders vying for the crownNews Perplexity has unveiled its Comet browser while OpenAI is reportedly planning to follow suit
-
Google Cloud Summit London 2025: Practical AI deploymentITPro Podcast As startups take hold of technologies such as AI agents, where is the sector headed?
-
Scania admits leak of data after extortion attemptNews Hacker stole 34,000 files from a third-party managed website, trucking company says
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
