Skip to main content

2010 Annual Ponemon Study on Cost of Data Breaches

The 2010 Ponemon Institute study on the cost of data breaches has been released.    The numbers are eye-opening.   The average total cost per reporting company in the study was $7.2 million per breach -- the most expensive data breach cost $35.3 million and the least expensive breach cost $780,000.   Costs were incurred in the usual places:  detection and investigation, assistance to data breach victims, notification, lost business due to customer churn, legal and consulting services.  Training and awareness programs remain the most popular breach remedies, while other remedies include encryption (required by Massachusetts law), identity and access management solutions, data loss prevention solutions and end point security solutions.

Malicious or criminal attacks are the most expensive cause of data breaches (costing $318 per compromised record), while negligence cost $196 per record and system failures cost $210 per record. 

Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.