top of page
  • Admin

As The Cost of Data Breaches Soar, Consumers Get Stuck Helping Pay The Bill

Published: October 17, 2022 on our newsletter Security Fraud News & Alerts Newsletter.

The cost of doing business in our digital world has gone up yet again this year. IBM's 2022 Cost of Data Breach report revealed the price tag for an average data breach hit new heights at $4.35 million per incident. That’s up 2.6% since last year’s record $4.24 million per incident average.

As things currently stand, the cost of data breaches is likely to keep breaking records. One would think protecting company systems and customers against a data breach would be a priority. But then again, what’s the rush when your customers are helping pay the cost of the breach?

I’ve Heard of That Before…

The IBM report shows a variety of attack vectors are used for data breaches; with some you may have heard of before. Below are results of report findings on the most common data breach tactics.

Credential compromise is once again the most common reason for data breaches, making up 19% of all incidents this year

Phishing is responsible for the second most common data breach, making up 16% of all incidents

Ransomware attacks, a highly destructive type of data breach, increased by 7.8% since last year and was behind 11% of incidents

Supply chain attacks, also known as “third-party” attacks, were behind 19% of incidents

21% of data breaches were the result of human error, from employee mistakes to third-party compromise. IT failures leading to data loss were behind 24% of incidents

Passing the Buck to Consumers

The rubber meets the road when a company opts to pass the cost of a data breach to their customers. Consumers inadvertently help pay for those financial losses by paying more for their goods and services.

The IBM report finds “…60% of studied organizations raised their product or services prices due to the breach, when the cost of goods is already soaring worldwide amid inflation and supply chain issues.”

With this being the case, it’s in every consumer’s best interest to keep their personally identifiable information (PII) as safe as possible to avoid having it used in a breach.

The Global Head of IBM Security X-Force, Charles Henderson, sums-up costs for the breached company and its consumers, saying “Businesses need to put their security defenses on the offense and beat attackers to the punch. It's time to stop the adversary from achieving their objectives and start to minimize the impact of attacks. The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases.”

It's clear both sides can do better by doing what it takes to reduce data breaches. Companies need to bolster their data protection systems and consumers need to minimize and protect the type and amount of PII they make available to businesses.

Tips for Consumers

  • Keep PII out of the hands of phishers. Don’t click links or attachments in email or texts that are not expected or seem phishy in any way.

  • If you don’t know the number showing up on your phone, don’t answer it. They’ll leave a message if they really need to speak with you.

  • Don’t provide PII over the phone to someone contacting you unexpectedly.

  • If someone gives you the sense that you must rush to make a decision, it’s probably a scam or phishing. Take time to vet these messages.

  • Keep your passwords safe and make sure they are strong and unique to each website. Enable multifactor authentication (MFA) whenever possible.

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at


bottom of page