Post-Breach Carnage: Worst Ways The Axe Fell in 2017
Executive firings, stock drops, and class action settlements galore, this year was a study in real-world repercussions for cybersecurity lapses.
December 11, 2017
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc29699371dad6ce4/64f0d731bafd243ecb0e4a43/01-axefall.jpeg?width=700&auto=webp&quality=80&disable=upscale)
The days of pretending that data breaches don't matter to the business or to executive job security are quickly drawing to a close. This past year has shown how real the implications can be for business viability, for the job prospects of top brass in charge when lapses occur, and even for the personal finances of CEOs when the fecal matter hits the fan.
Read on for some of the worst:
Uber's massive data breach of 57 million accounts and its $100,000 effort to hire hackers came under the watch of already embattled former CEO Travis Kalanick, so this was a case where there was no chief executive to can as a result of poor security and unethical handling of subsequent problems. But you'd better believe somebody was getting shown the door, so it was hardly surprising when the company announced CSO Joe Sullivan and his deputy Craig Clark were given their pink slips for their role in this developing debacle.
(Image by Gang, via Adobe Stock)
Until this year, a lot of conventional beliefs have held that data breaches don't impact stock prices all that much. But new research is showing that isn't true, and the seismic security event at Equifax helped stand as an example of just how much the stock market will punish companies with bad enough breaches. Following the breach that impacted 143 million citizens, the credit bureau lost a stunning $4 billion in market cap.
And don't let anyone tell you that stock prices always bounce back quickly after a breach event. It's been nearly three months and the stock is still down by more than 20% of where it was before the announcement.
(Image by Warakorn, via Adobe Stock)
A mere CSO firing simply wouldn't do for a company that just lost billions in market cap as a result of a massive breach. In the several months following the Equifax incident, the company saw not just its CSO but also its CIO and CEO step down from their positions. True, the CEO "retired" with millions in retirement benefits, but the entire Equifax storyline shows that public backlash against security snafus is finally hitting home in the boardroom.
(Image by Alonso Aguilar)
In September the Securities Exchange Commission opened up about a breach last year of its EDGAR financial disclosure system that could potentially have put the integrity of stock trading information at risk. SEC Chair Jay Clayton was not at the reins when the event occurred, so it's not reasonable to expect major impacts to his job security, but he nevertheless felt the heat with a good-old-fashioned grilling from lawmakers this fall.
(Image by brunel11, via Adobe Stock)
This summer, Swedish government officials were embroiled in scandal when it came to light that poor control over outsourced IT operations and data for several of the country's ministries led to a large breach of citizen information and classified data. The fallout from the breach led to the ouster of the country's home affairs and infrastructure ministers.
(Image by Innovated Captures, via Adobe Stock)
The stakes are getting higher when it comes to making amends to customers exposed by data breaches. This year saw a new benchmark set in class action settlements for security incidents, as Anthem ponied up a record $115 million to put to bed a lawsuit that's been going since its 2015 breach of 80 million patient records. This was the largest data breach settlement on record.
(Image by domnitsky, via Adobe Stock)
This past year has just been a rolling cavalcade of bad news for Yahoo following its initial announcement late last year of a massive breach of customer data that at the time they said impacted 1 billion users. Yahoo's breach fallout shows how expensive security events can really be when Verizon managed to get a whopping $350 knocked off its buying price when picking up the company earlier this year. Good thing, too, because after the deal went through Verizon found out that the breach actually impacted all 3 billion Yahoo users.
(Image by way4arer, via Adobe Stock)
Considering that Yahoo and Verizon had already agreed to have Yahoo CEO Marissa Mayer step down once the acquisition went through, forcing her out early due to a three-year-old breach hardly made sense. However, the board still made an example out of their leading executive. Mayer lost a $2 million bonus and up to $12 million in stock compensation as a result of how the company handled its data during her tenure.
(Image by Lana_M, via Adobe Stock)
Considering that Yahoo and Verizon had already agreed to have Yahoo CEO Marissa Mayer step down once the acquisition went through, forcing her out early due to a three-year-old breach hardly made sense. However, the board still made an example out of their leading executive. Mayer lost a $2 million bonus and up to $12 million in stock compensation as a result of how the company handled its data during her tenure.
(Image by Lana_M, via Adobe Stock)
The days of pretending that data breaches don't matter to the business or to executive job security are quickly drawing to a close. This past year has shown how real the implications can be for business viability, for the job prospects of top brass in charge when lapses occur, and even for the personal finances of CEOs when the fecal matter hits the fan.
Read on for some of the worst:
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024