When you hear companies talking about data privacy, you may think of individuals trying to protect their data from being exposed or large corporations trying to safeguard endless amounts of in-depth information. It may be easy to believe data privacy issues do not apply to your small to medium-sized business. How much information can you have about your users or customers, and how likely is it that this data may be exposed?
If you maintain any data about your customers or users, you may be at risk of a data privacy breach and held accountable for damages caused by these data breaches. Information obtained during a breach can include a username, password, address, phone number, credit card number, user ID, and more. The amount of damage a hacker can do with this information is massive; therefore, many lawmakers are proposing laws to improve data privacy. Taking the proper steps to secure your data is essential to avoid three main things: opening your business to scandal, legal liability, and direct and indirect loss of income or business.
There have been many businesses publicly shunned for their data breaches and how they exposed customers to theft and other privacy violations. So far, in 2022, at least 50 well-known companies and organizations have had a significant data breach. When companies like Uber, Tiktok, DoorDash, Cisco, Twitter, and Verizon are hacked, it leaves users not wanting to purchase from those companies or trust them. Some of the most significant data breaches have left companies reeling long afterward. In 2013 Yahoo suffered a massive security breach that affected its entire database, about 3 billion accounts — almost the entire population of the web. Even though the Yahoo breach occurred in August of 2013 the incident was revealed in December 2016, and the leak was only reported partly because Verizon was acquiring Yahoo. More than 3 billion of its users had been left exposed. Initially, it seemed as though this might lead to the collapse of the acquisition by Verizon after the significant loss of company trust. This hurt Yahoo’s overall brand significantly. In 2014, Yahoo had 4.2% of the market share for their search engine; in 2016, this dropped to 2.97%, and today search engine market share for Yahoo is only at 1.32%. There are a lot of factors that caused this decrease in percentage share. However, the public scandal of one of the largest data breaches in history did not help.
It does not take much searching to find a large company that has been sued for a data breach, and just because lawsuits against small companies are less likely to be heard about, it does not mean they do not occur. There are significant class action lawsuits against companies like T-Mobile, Geico, Equifax, Plaid, and many more and some of these companies are not in court for the first time over data leaks. In 2017 Equifax was ordered to pay $575 Million due to the leak of 147 million users’ data for “failure to take reasonable steps to secure it’s network.” “Companies that profit from personal information have an extra responsibility to protect and secure that data,” said FTC Chairman Joe Simons. “Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers.”
The estimated average cost of a data breach globally is around $3.86 million, and the average price per lost and stolen record in 2018 was $148. Hackers targeted small businesses 43% of the time, which might be because only 14% were prepared to defend themselves. With these troubling statistics, once one of your customers or users suffers a data breach caused by your company, many are likely not to return or ask for their money back. It is estimated that up to 60% of small companies close within six months of being hacked.
Not all is lost; there are ways to protect yourself as a small business. Educate your employees on security risks and how to identify issues or suspicious activity. Ensure your software is up to date and that you use software from trustworthy sources. Consider Cybersecurity insurance, since data breaches are becoming more common, it is best to ensure you are covered should the worst happen. And last but not least, have a plan to enact should a data breach happen to your business. Data Privacy is an ongoing and ever-evolving issue affecting more people and businesses every day. Make sure you understand the risks so you can plan for any circumstance and protect your business.
