73% Average Drop in Net Income One Year Post-Data Breach


A new report from ExtraHop analysing the financial impact of several high-profile data breaches. According to the findings, public companies profiled saw net income drop an average of 73 percent roughly one year following the announcements of a data breach.

Industry research on the cost of a data breach has historically focused on the number of records stolen or people affected, overlooking long-term consequences, insurance premiums, or earnings results. To help business leaders better understand the full impact of a data breach, the analysis from ExtraHop looks at the costs associated with data breaches at six organisations, calculating the sum of regulatory fines, legal settlements, and cyber insurance, in addition to the longer-term effects on corporate earnings and stock price.

Nearly all organisations analysed experienced a decline in quarterly earnings and stock prices after a data breach occurred. In one example, ExtraHop noted a company’s stock price fell nearly 21 percent the day after the breach was reported, and net income dropped 27 percent year-over-year in the quarter the breach was reported. These losses are in addition to over 1 billion dollars in reported costs, including regulatory fines, legal fees, and multiple settlements with consumers, businesses and individual states.

“When a data breach hits, real people lose real money – it goes way past the upfront costs that accompany stolen records and the number of people affected,” said Patrick Dennis, CEO, ExtraHop (pictured). “Both investors and customers lose faith in the business, which has a ripple effect on the organisation for years to come. It’s important that corporate leaders take a hard look at their budget and make the cybersecurity investments they need to more effectively manage risk.”

“Bad actors are relentless in their efforts to compromise the public and private sectors, leaving organizations of all sizes susceptible to the potential ramifications of a data breach,” said Andrew Heighington, CISO and Head of IT & Privacy, Visit.org. “These threats transcend the significant monetary disruption outlined in the report, leading to the erosion of trust, tarnished reputations, and disrupted operations, ultimately jeopardising the core of a business. This research offers the proof that the attack landscape is only growing more complex, propelling enterprises to understand material cyber risks to their business and take action today.”

In today’s security landscape, organisations need full visibility into their network to track the movement of potential intruders and identify security threats before they become business problems. With full network transparency, organisations can uncover the truth about attackers to see more of what they’re doing and stop them with greater speed, precision, and frequency.

For more details, download the report, The True Cost of a Security Breach