Ever notice how after these data breaches, the company always follows up with either or both of the following: “we are tightening up our network security” and “we are offering our affected customers a year of free identity theft protection”. While that’s nice and all, it doesn’t compensate us for the time lost calling our banks, waiting for replacement cards, and the inconvenience of having our bank accounts frozen” (which by the way always happens at the worst imaginable time). So there was nothing short of a large smirk on my face when I read that Home Depot will reimburse its customers with $13 million for its data breach in 2014. The breach affected an astounding 50 million Home Depot cardholders. Home Depot as also disclosed that the attack was a result of an intruder who “used a vendor’s user name and password to infiltrate its computer network, and used custom-built malware to access shoppers’ payment card information.” Home Depot also claims that it has incurred $152 million of pre-tax expenses from the breach, $8.7 million of which were just for lawyer’s fees.
The figures are true folks. Breaches cost money. A lot of money. And while they affect us and compromise our information, it’s helpful to know that consumers are not going without compensation (even though it’s minimal). Again, I encourage all of you to be mindful of what you disclose to any retailers. Even something as small as sharing your email address can make you victim of a phishing attack.