Data breaches can be incredibly expensive for businesses, but these breaches also result in a monetary hit on the people whose information is breached. We dug into the data to determine how much a data breach costs.
The number of data breaches is growing year after year across the globe. The real cost of those breaches for those who have their personal information stolen not only hits the pocketbook but results in hours and hours of cleanup.
Companies’ data privacy practices are often lacking and antiquated. And with so many online retailers and information-based companies requiring your personal data to make purchases or log in, the risk of how much data is sitting on servers is enormous. If you were impacted by this, here’s a guide on what to do after a data breach.

For consumers
The biggest risk for consumers is that a hack of personal information will lead to identity theft. More than 30 percent of data breach victims later have their identity stolen, according to Experian.

The total value of your identity on the dark web is, on average, $1,192.58, according to an intensive study of the dark web by reviews.org.
The real cost to consumers who have their identity stolen is much higher, an average of $1,343, for those who experienced monetary loss. Here’s what to do if your identity is stolen.
It’s not only money that’s lost, it’s time. On average, it takes a victim of identity theft 7 hours to resolve their issue over a period of days, weeks or months. It’s not always that easy or quick either. For victims who spent six months or more solving their issues, 29 reported severe emotional distress, according to Experian.
The most common way identities are stolen is through database breaches. During these breaches, hackers typically can steal credit card numbers, bank account information, personal identity information and more.
In 2019 alone, there were 650,572 cases of identity theft, with credit card fraud being the most common type of identity theft. There were 270,000 reports of credit card fraud last year, and cases have doubled since 2017.
So far this year, the vast majority of data breaches, 86%, are for financial gain. That is an increase from just 71% in 2019, according to a Verizon Business data breach investigation.
The biggest risk for consumers is a lack of care for data by companies who neglect personal information that is, in half of the cases, stale, meaning the data is not actively used by the company nor the consumer yet it sits on servers.
“Security headlines often talk about spying, or grudge attacks, as a key driver for cyber-crime – our data shows that is not the case,” said Alex Pinto, Lead Author of the Verizon report, in a company statement. “Financial gain continues to drive organized crime to exploit system vulnerabilities or human error.”
A 2019 global data risk report from the Varonis Data Lab found that 58 percent of companies had more than 1,000 stale user accounts and that only 5% of a company’s folders are protected.
“The United States is one of the few developed countries in the world without a Data Protection Agency. The practical consequence is that U.S. consumers experience the highest levels of data breach, financial fraud, and identity theft in the world,” said Caitriona Fitzgerald, Policy Director and Chief Technology Officer of the Electronic Privacy Information Center, and Mary Stone Ross, Associate Director of the center in an op-ed published this year. “And U.S. businesses remain the target of cyber-attack by criminals and foreign adversaries, putting our identities and personal information at risk.”
Related: The top ten signs your identity has been stolen
For businesses
The damages are not only felt by consumers, but also by the companies that are breached. In a 2019 estimate, IBM found that companies spent $150 per record that was stolen by hackers!

The cost of identity theft in total in 2018 was $1.4 billion, according to Consumer Sentinel Network. The average cost of a single data breach for a company is $150 per record breach, according to IBM. The average size of a breach was 25,575 records in 2019, making the total cost of an average breach cost companies $3.92 million.
