Outdated machines, software or employee practices can lead to major security problems. These big companies faced painful fines for their IT mistakes.
As companies increase their online activity, data collection and eCommerce, the stakes will continue to rise. Companies that are lax, poorly prepared or sloppy are facing disastrous tech breaches. Equifax, Uber, TJX and Visa are just a few of the companies that have had to face hefty payouts for data breaches. The public relies on companies to act professionally and secure their information. Many companies that face a security breach or lost data will not be able to stay in business.
With a security breach, the customer’s trust is lost. Not only will the reputation harm business, but fixing the issue will cost more than preventing it. Fines and payouts will also add to that cost. And, the more consumers affected by a major problem in the company’s security, the more painful the clean up. You can’t afford to slack when it comes to IT security.
The infamous Equifax data breach of 2017 has lead to 147 million affected customers. The settlement announced by the credit reporting company included $175 million to 48 states, $300 million towards free credit monitoring services for the impacted customers and $100 million to the Consumer Financial Protection Bureau for civil penalties.
Federal Trade Commission (FTC) Chairman Joe Simons said, “Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers. This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.”
The FTC smacked Facebook with a $5 billion fine for the Cambridge Analytica incident. This privacy violations fine was in response to personal data taken from over 87 million Facebook users to create more persuasive and personalized ads.
In 2016, Uber had over 57 million user accounts compromised–and then tried to cover it up by paying the perpetrator $100k. This lead to the largest data-breach payout at the time of $148 million because they broke data breach violation laws.
When the US health insurer Anthem was hacked in 2015, over 79 million customers had their names, birthdates, social security numbers and medical IDs compromised. The company paid out $115 million in a class-action lawsuit in 2017 regarding the breach. The US Department of Health and Human Services fined them an additional $16 million for HIPAA (Health Insurance Portability and Accountability Act) violations.
When over 96 million credit and debit accounts were hacked in a widely-publicized data breach that lasted from 2003 to 2007, TJX promised pay outs. This came under the terms that 80% of card issuers agreed to the recovery offer and promised not to take further legal action. TJX agreed to fund the settlement as a resolution to those U.S. Visa holders with cards from taking further legal action. This amount was not part of the $256 million the company said it had budgeted to deal with the breach.
Between 2012-2013, the University of Texas MD Anderson Cancer Center lost one unencrypted laptop when it was stolen from an employee’s house and two unencrypted USBs that contained sensitive patient data. The health information of over 33,500 individuals was compromised and the center faced a $4.3 million fine for HIPAA violations.
In 2012, Fresenius Medical Care North America (FMCNA) was fined $3.5 million for HIPAA violations after five separate breaches in different company locations. The Office for Civil Rights noted that FMCNA could have avoided this with a thorough risk analysis to find the potential risks and vulnerabilities. Many of their breach problems included lacking security policies and failing to encrypt sensitive health data.
A good company will take proactive IT security measures with a great tech team. By outsourcing IT security through a managed IT service company, you can get the best security without hiring a team full-time. Your IT team will provide an audit of your company to help you find the places where your security, devices or practices might be a threat to your company. Ensure you are using the right equipment and your employees are trained to meet compliance standards, privacy laws, customer expectations and more so your company can succeed.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders. They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters. Compared to other IT companies we have worked with, Alary Technologies comes on top. Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clients’ needs. It has been a pleasure to work with Ahmed and Alary Technologies. I would recommend their services to other companies and clinics.
“We continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.”
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I can’t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.