0
1
Equifax announced during the third quarter of 2017, it incurred $87.5 million in expenses related to the cyber attack that was reported in September.
It is very difficult to estimate the overall losses caused by a cyber attack because victims incur in direct and indirect costs that aren’t easy to calculate.
This week the credit reporting agency Equifax announced during the third quarter of 2017, it incurred $87.5 million in expenses related to the cyber attack that was reported on September 7, 2017.
The expenses associated with the massive attack include “costs to investigate and remediate the cybersecurity incident and legal and other professional services related thereto, all of which were expensed as incurred.”
The expenses are divided in $55.5 million in product costs, $17.1 million in firms hired as part of the incident investigation and response (i.e. security firm Mandiant, attorney’s), and $14.9 million in activities to support customers.
“During the third quarter of 2017, we recorded $87.5 million ($59.3 million, net of tax) for expenses related to the cybersecurity incident announced September 7, 2017. The components of the costs are as follows:
|
(In millions) |
Three Months Ended |
||
|
Product cost |
$ 55.5 |
||
|
Professional fees |
17.1 |
||
|
Consumer support |
14.9 |
||
|
Total |
$ 87.5 |
||
Expenses Incurred. In the third quarter of fiscal 2017, the Company recorded $27.3 million of pretax expenses related to the cybersecurity incident.” reported Equifax. “These expenses are included in Selling, General and Administrative expenses in the accompanying Consolidated Statements of Income for the three and nine months ended September 30, 2017. Expenses include costs to investigate and remediate the cybersecurity incident and legal and other professional services related thereto, all of which were expensed as incurred. “
Unfortunately, the expenses could increase in the incoming months because the agency would be liable for additional costs stemming from the free credit file monitoring and identity theft protection that it is already offering all U.S. consumers.
“Additionally, as a result of the cybersecurity incident, we are offering free credit file monitoring and identity theft protection to all U.S. consumers. We have concluded that the costs associated with providing this service are a contingent liability that is probable and estimable.” Equifax added in the earnings release.
“We have therefore recorded an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. We have incurred $4.7 million through September 30, 2017 and have estimated a range of additional costs between $56 million and $110 million.”
Equifax also reported other costs associated with the breach, such as billions in market cap due to a falling share price after the security breach was disclosed.
To read the original article:
http://securityaffairs.co/wordpress/65418/data-breach/equifax-cost-security-breach.html
