The following is from the Feb. 26, 2014, edition of NPR's Marketplace. Tyler Moore, an assistant professor in the Lyle School's Department of Computer Science and Engineering, provided expertise for this story.
February 28, 2014
By David Gura
Target reported quarterly earnings for the first time since a major data breach that has affected more than 100 million customers. Target says it cost the company $61 million.
The retailer was quick to point out, however, that when all is said and done, that $61 million will be more like $17 million, because Target, like more and more companies these days, has something called "cyber insurance." . . .
Scott Godes, a lawyer with Barnes and Thornburg, focuses on corporate insurance. He says that after a data breach, there are lots of questions: “Are there people that are in your system? When did they get in there? Are they still in there? And how do you get them out?”
It costs a lot of money to answer those questions. Cyber insurance can take care of the costs of notifying customers and giving them credit protection. “Just generally needing to clean up the mess that’s been created,” says Tyler Moore, a computer science professor at Southern Methodist University.
But these policies have limits.
"The reputational damage to a company following a high-profile breach, for instance, is not typically covered," he says.
Read or listen to the full story.
# # #