Research question: What is the impact of data breach and the effect it has on consumer?
Thesis: Data breach impact on consumer because businesses are not well prepared to respond to data breach attack.
Table of Contents
ABSTRACT……………………………………………………………………………………………………………………………. 1
BACKGROUND……………………………………………………………………………………………………………………….2
IMPACT ON CONSUMER………………………………………………………………………………………………………5
CONCLUSION…………………………………………………………………………………………………………………………15
Abstract
Data breach is currently a modern-day challenge. Data breach is the intentional or unintentional of accessing data, disclosing or manipulating data.Many organizations including the federal government have been a victim of data breaches. Data breach does not affect the organization, it also affects the people who are affected by it. Studies show that millions of Americans have been part of some type data breach. Organizations that have been affected by data breach has to deal with the aftermath of that breach.
In most cases, organization has to pay monetary damages to the consumers. Often time they lost investors, shareholder, or public trust. Some organizations have indicated that they do not have any protocol in place to fight cybersecurity prior to data breach happens. The fallout of mismanagement of data has caused financial burden on the consumers. Some of the main concern for most consumers, is identity theft.
Data breach involved consumer personal identifiable information such as name, date of birth, Social Security number, address, mother’s maiden last name, place of birth and more. With these critical information hackers can cause damages to person finance which can take years to resolve. In order, for victim to file any lawsuit or class action, they have to be able to prove that the business/organization is the cause of their identity theft or any issues that arise because data breach. this paper outlines some of the key components’ organization can take before a security incident happens.
Background
Cybercrime and cyberattack are amongst the major risks to the economic system and business steadiness today, particularly as the world becomes more digital. With the internet continue to grow globally, the opportunities for cybercriminal have also grown. Cybercriminals can attack financial services, retail, hospital and more. Most of the cyberthreats are the sources of malware, spam, and phishing, (Davidoff, 2019)-book.
The main cause of data breach has been an extreme issue for the federal government and corporate America. Federal agencies collect personal information and store it on their database. Corporate America collects personal information from the public and store the data in their database. That information can easily be distributed, if not secure. Several corporate companies and federal agencies have been victimized by cybercrimes and cyberattacks. In 2017, 144.5 million Equifax users were left digitally vulnerable due to data breach. after the data breach, the company did not properly provide ongoing communication or information about the attack. Based on study that was done after the Equifax data breach, Equifax users were frustrated and outraged about the security violations, (Novak & Vilceanu, 2019)- peer-review. OPM is a federal government agency that also have been a victim of cybersecurity attack, not once, but twice. 21.5 million federal employee background information and 5.6 million fingerprints were stolen, (Gootman, 2016)-peer review
In 2015, Anthem, a health insurer and health plan administrator, was part of data breach, which involve 80 million individual’s information. FTC report concluded that in 2015, the security equipment was less sophisticated and make it harder to identify security risk. FTC concluded that router had proven to be vulnerable to “botnet malware and increase concern about that vulnerability can be exploited- (Riga, 2017)- peer.
The step business can take to prevent data breach and protect their consumer private identifiable information:
According to Fowler, data breach has become a daily discussion everywhere, including the boardroom or the lunchroom. Fowler define data breach as security occurrence that contain the intentional or unintentional access, disclosure, manipulation or destruction of data. If the incident is not properly managed, it can later result in lawsuit, fines, or cause reputational damage to any organization. Ever since cybersecurity has deemed a technology concern, Breach Management has created a response team that focus solely on breach response. Fowler identify twelve phases by the breach response team. These phases are as follow:(Fowler, 2016)- BOOK
With that being said, Fowler lay a well-plan for organization who has been compromised by data breach or has been affected by data breach. according to Fowler, if organization’s follow these CSIR phases, organizations should be able to detect data breach and manage it accordingly. So, the question remains, why organization like Uber, Facebook, Bank of America, OPM, have been a victim of data breach on numerous occasions.
Business should have a communication plan to ensure that their consumer receive proper communication after a data breach.
The most important part of data breach is crisis communication. In accordance with Coleman, as part of crisis communication, people were not being considered. Organization spent time establishing plan, process, or procedures, but fail to recognize the impact it has on the people. Coleman focuses on crisis communication, and the impact it has on people who are internal and external of the organization. “The most important starting point is to have a clear crisis communication plan that can be understood by the communication professional and everyone else working in or supporting the business’s crisis response” (Coleman, 2020)- book. During a data breach, Coleman highlights a communication plan to better serve the organization to response accordingly:
The impact data breach has consumer, and the litigation action consumer can take the business after data breach.
Based on a survey done by Ablon,et al., in 2016 64 million adults in the United States, have received some types of breach notification in the past twelve months. Based on the information gather by the surveyors, only 44 percent of those individuals were aware of the breach prior to being notify by the organization. 56 percent of those who complete the survey mention that they were aware of the notification when they were notified of the breach. According to Ablon, et al, by 2016, 47 states have passed legislation require businesses that affected by data breach to notify the individual when a breach occurs. This legislation gives the consumers a chance to respond to the incident and act quickly. “Despite the mounting rate of security breaches, the continuing harms imposed on consumers and firms, and more than a decade of breach-notification laws, very little research exists that examine consumer response to these developments”, (Ablon, Heaton, Lavery D, & Romanosky, 2016)- book.
Different data can becompromised during a data breach. Ablon,et al.. lists some of the information that has been compromised in data. Here is the information provided by Ablon et, al.. Target lost consumers credit card information. Anthem lost consumers’ Social Security numbers; medical information was stolen from TRICARE. Countrywide lost information mortgage information during data breach. Sony PlayStation lost user account data and OPM lost sensitive personnel information, (Ablon, Heaton, Lavery D, & Romanosky, 2016). Amongst that information that have been compromised, consumers reported that some information cannot be changed such health information, Social Security numbers, or other personal information. Based on the survey done by Ablon, 18 percent of the respondents of that survey mentioned that they were never inform of the breach, (Ablon, Heaton, Lavery D, & Romanosky, 2016).
Per Hooker, a few consumers whose information have been compromised file a lawsuit. Hooker mentioned that plaintiff (victim of data breach) has to prove whether or not the harm to them was caused by data breach. “Proving causation in data breach litigation naturally will become increasingly difficult task as additional data breach occur and more individual becomes the victim of multiple cyber breaches”, (Hoker, McConnell, & Pill, 2020)- peer review . When it comes to proving fault or negligence of the defendant, plaintiff has to show the court three (3) elements. These elements are (1) an injury showing an “invasion of a legally protected interest”; (2) a causal link between the injury and the alleged conduct of the defendant; and (3) the injury is “redressable(able) by a favorable decision”, (Hopkins, 2020). In other word, consumers can take legal actions if they believe that the organization is at fault for compromising their personal identifiable information.
Data breaches are progressively becoming part of consumers daily lives. No businesses or corporations are exempt from being attack. As data breach continuously to increase, identity theft is also becoming an increasingly possibility. As stated in Marcus journal, the current solution to handle the incidents are miserably lacking. “Most companies only discover deficiencies in their security systems following a data breach. Private parties then turn to litigation to bring claims damages stemming from the breach and to demand better cybersecurity practices”, (Marcus, 2018)-Peer review. These lawsuits might force some companies to take the initiative to institute cybersecurity reforms, severe changes to guarantee consumers person information and financial information are protected, (Marcus, 2018).
“When a data breach occurs, the usual procedure is for the breached entity to notify those who data has been compromised. For consumers, data breaches cause many types of harms, including loss of privacy, economic loss, safety hazards, fear of future damages, and inconvenience”, (Johnson & Millett, 2016). Johnson also mentions in the book, often time, the consumers are unwilling undertake risk behavior that leads to privacy breach. it is common due to lack of consumer education on data breach. it is important that consumer do understand the risk of such data and harm.
Data breach impact on the economic.
The cost of cyber-security breach has increased over the years. In 2017, cybersecurity breach was $3,860,000, and the cost of stolen information was $148 each. So, each company has their own estimates because the estimate is different from company to company. “According to Sfax, a fax-securing company for hospitals, the global average cost of a cybersecurity breach was at $3,620,000 in 2017. However, in the US, where there were more cyberattacks, the company estimates the average cost of each attack to be $7,350,000”, (Aslaner & E., 2019)-book.
Cybercrime has become one of the most expensive economic disaster in a lot country. In average of $600,000,000,000, is depleting from the universal economy through cybercrime yearly. “$600,000,000,000 is an enormous figure and the loss of this has affected many factors, including. Cybercrime crime is hurting the economy and, in turn, hurting the job market” (Aslaner & E., 2019). One of way that cybercrime is destroying the economy is through espionage. Data breach can also be internal. It could be lack of caring by employee who misplaced data that can cause harm to the busines. Organization has spent a lot of money on building its brand and fighting to keep market share and keep investors satisfied. If there are no trusted brand names, most companies could fall into nothingness. “Cyber-attacks tend to attract press, and this leads to damaging a company’s brand and reputation. Investors are put in a frenzy of selling their shares to prevent further loss” (Aslaner & E., 2019).
Inconclusion, data breach is one of the most challenges the world has ever face. Data breach is not only a U.S.A challenge, it is a global challenge. Data breach occurs when someone intentionally or unintentionally access, disclose information. Most high-end companies have a victim of cyber-attacks. Companies such as Target, Equifax, Anthem, even the OPM which a federal agency. Cyber-attacks do not care about the business worth or what type of business it is. There are some precautions business can take to prevent cyber-attack. Ablon mentions twelve steps business can take to properly handle data breach. data breach does not only affect the business, it also affects the consumer. Most consumers alleged that they were not informed of the data breach from the company itself. Some consumers alleged that they had some knowledge of the data breach prior to any notification. Corporate America and the federal government have to make the consumer a priority when data breach happens. Because the consumer has to ensure that they have enough time to take precautions and step to protect their information. Most of the information that are stolen are personal information such as name, date of birth, Social Security number, address, parents name, driver’s license number. The consumer personal safety is at risk if they are not properly informed. It is also important that the business provide a helpline in case the consumers have questions about the data breach. One of the issues that most company fail to properly do is communicate the information with their consumers. Data breach can lead to litigation against the company that fail to secure the consumer personal information. Data breach is also costly and can affect the economy in a negative way.
Ablon, L., Heaton, P., Lavery D, L., & Romanosky, S. (2016). Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information. Santa Monica: RAND Corporation.
Aslaner, M., & E., O. (2019). Hands-On Cybersecurity for Finance. Packt Publishing.
Coleman, A. (2020). Crisis Communication Strategies: How to Prepare in Advance, Respond Effectively and Recover in Full. New York: Kogan Page.
Davidoff, S. (2019). Data Breaches Crisis and Opportunity. Pearson Education.
Fowler, K. (2016). Data Breach Preparation and Response. Cambridge: Elsevier.
Gootman, S. (2016). OPM Hack: The Most Dangerous Threat to the Federal Government Today. Journal of Applied Security Research, 517-525.
Hoker, M., McConnell, G., & Pill, J. (2020). Here We Reached The Tipping Point? Emerging Causation Issues in Data-Breach Litigation. Florida Bar Journal, 9-17.
Hopkins, M. (2020). Your Personal Information was Stolen? That’s an injury: Article Standing in the Context of Data Breaches. The University of the Pacific Law Review, 427-451.
Johnson, A., & Millett, L. (2016). Data Breach Aftermath and Recovery for Individuals and Institutions. National Academic Press.
Marcus, D. J. (2018). The Data Breach Dilemma: Proactive Solutions for Protecting Consumers Personal Information. Duke Law Journal, 556-593.
Novak, A., & Vilceanu, O. (2019). The Internet is not pleased: Twitter and the 2017 Equifax data breach. Communication Review, 196-221.
Riga, S. (2017). Two Breaches, Two Enforcement Actions, And A DDOS Atack: Data Security And the Rise of the Internet of Things. Journal of Internet Law, 3-7.
Our Advantages
Plagiarism Free Papers
All our papers are original and written from scratch. We will email you a plagiarism report alongside your completed paper once done.
Free Revisions
All papers are submitted ahead of time. We do this to allow you time to point out any area you would need revision on, and help you for free.
Title-page
A title page preceeds all your paper content. Here, you put all your personal information and this we give out for free.
Bibliography
Without a reference/bibliography page, any academic paper is incomplete and doesnt qualify for grading. We also offer this for free.
Originality & Security
At Homework Valley, we take confidentiality seriously and all your personal information is stored safely and do not share it with third parties for any reasons whatsoever. Our work is original and we send plagiarism reports alongside every paper.
24/7 Customer Support
Our agents are online 24/7. Feel free to contact us through email or talk to our live agents.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
Our Services
We work around the clock to see best customer experience.
Pricing
Our prices are pocket friendly and you can do partial payments. When that is not enough, we have a free enquiry service.
Communication
Admission help & Client-Writer Contact
When you need to elaborate something further to your writer, we provide that button.
Deadlines
Paper Submission
We take deadlines seriously and our papers are submitted ahead of time. We are happy to assist you in case of any adjustments needed.
Reviews
Customer Feedback
Your feedback, good or bad is of great concern to us and we take it very seriously. We are, therefore, constantly adjusting our policies to ensure best customer/writer experience.