August 10, 2022
In 2021, the telecommunications giant T-Mobile experienced a major data breach where hackers gained access to more than 48 million current, former, and prospective customers’ data. The sensitive data stolen in this attack included customers’ social security numbers, first and last names, dates of birth, and driver’s license/ID information.
T-Mobile lost around $5.3 billion in value, dropping from $145 per share to $140, in the aftermath of announcing the data breach. When explaining this drop in share price, financial analysts mentioned that the company could face legal trouble but pointed to an even bigger problem: T-Mobile’s reputational damage had the potential to cost the company more than a million current and potential customers.
T-Mobile is not the only company that suffered reputational damage after sensitive information was stolen. Just a couple years earlier, Capital One experienced a data leak affecting more than 100 million people in the U.S. The bank estimated that the leak could cost them up to $150 million, but investors feared a greater issue. Capital One’s shares dropped nearly six percent, in part because financial experts “worr[ied] about longer term reputational damage” to the company.
The reasons for the market reaction to both the Capital One and T-Mobile incidents show that the damages caused by an unintentional information disclosure could be more than recovery costs and legal fees. Poor data security can break the trust a company has built with its customers, investors, employees, and other stakeholders. Reputational damage could harm businesses long after they resolve a data leak. To understand the value of proper information security, leaders should first understand how data breaches can cause both immediate financial and long-term reputational damages to businesses.
As more companies collect sensitive information, consumers are growing more concerned about data protection and privacy. In fact, Shred-it’s 2021 Data Protection Report found that four in five consumers rank personal information security as “extremely high” in importance. A 2021 KPMG study had similar findings: 86 percent of the respondents said they feel a growing concern about data privacy and 62 percent felt that companies should do more to protect customer data.
This expanding concern for data security is likely a result of skyrocketing information attacks. Shred-it’s Data Protection Report found that a record 74 percent of large businesses have experienced a data breach, affecting 70 percent of consumers. For many companies, the stakes of comprehensive data protection have never been higher.
Reputation defines how consumers, employees, and other stakeholders perceive a company, which can have major business implications. Consumers want to do business with organizations they perceive as honest, ethical, and aligned with their values, especially when it comes to data protection. According to Shred-it’s 2021 Data Protection Report, 82 percent of U.S. consumers decide who to do business with based on their reputation for data security.
When data is compromised, consumers can feel like companies do not operate ethically nor care about their sensitive information. As a result, more than one-fourth of U.S. large businesses surveyed by Shred-it in 2021 reported a damage to their reputation and credibility as a result of a data breach.
This damage in corporate reputation might not have immediate financial impacts as fines or recovery costs would, but it can affect a business’ bottom line. A 2020 Customer Experience Trends Report from Zendesk found that approximately half of consumers will switch brands after one bad data privacy experience. To build trust and long-lasting relationships with customers, companies should prioritize effective information security.
Data protection should play a role in every brand reputation management strategy. Shred-it’s information security tips help businesses keep their data and reputation safe:
Shred-it’s experienced team of information security professionals helps organizations of all industries and sizes keep physical data secure. Learn more about our services and contact us to get started.