The true cost of Target's 2013 cyber attack

If you ever needed an argument as to why your company should invest more money in cyber security, just think of Target.

The American retailing company was a target (no pun intended) for a cyberattack back in 2013, and it has ended up costing the company $162 million (slightly more than £104 million).

The cyberattack led to the theft of millions of customers' credit card details.

Target revealed these figures during the 2014 full-year earnings report, and added that the damage would have been even higher, if it wasn’t for insurance pay-outs.

“Target incurred breach-related expenses of $4m (£2.5m) in fourth quarter 2014 and full-year net expense of $145m (£93.4m), which reflects $191m (£123m) of gross expense partially offset by the recognition of a $46m (£30m) insurance receivable,” the company said.

“Fourth quarter and full-year 2013 net expense related to the data breach was $17m (£11m), reflecting $61m (£39m) of gross expense partially offset by the recognition of a $44m (£28.3m) insurance receivable.”

However, that’s not the end to Target’s miseries. The cost of the data breach will probably rise a bit more, as Target seems likely to receive a legal challenge from customers and banks unhappy about the breach.

In December 2014, a federal judge rejected Target's bid to dismiss a lawsuit by banks seeking to recoup money they spent reimbursing fraudulent charges and issuing new credit and debit cards because of the retailer's data breach.

This is yet another example of how costly low security can be for a company. Both Sony and Anthem were also victims of costly hack attacks.