Why Data Breaches Often Are Worse Than They First Sound

Advertising Disclosure: When you buy something by clicking links on our site, we may earn a small commission, but it never affects the products or services we recommend.

Image Not Available

If history repeats itself, the high-profile Experian data breach announced two weeks ago today will affect a lot more than the initial estimate of about 15 million T-Mobile customers.

Quartz’s recent comparison of data-breach announcements from recent years shows that initial estimates of how many people or records were compromised usually end up dwarfed by post-investigation numbers.

For example, the publication cites numbers from announcements by the following entities:

  • U.S. Office of Personnel Management: “Approximately 4 million” in June became “21.5 million” in July.
  • Target Corp.: “Approximately 40 million” in December 2013 became “up to 70 million” in January 2014.
  • Adobe: “2.9 million” in October 2013 reportedly became at least 38 million and then more than 150 million later that month after hackers posted stolen data online.

One reason numbers change is because initial estimates are made before investigations start or as they get underway. The language that companies use in initial announcements often hints at this. For example, Adobe’s first announcement said, “Our investigation currently indicates …”

Salvatore J. Stolfo, a computer science professor and part of the Intrusion Detection Systems Group at Columbia University, tells Quartz that another reason numbers change is because companies are forced to revise their estimates after hackers post stolen data online.

Discoveries by outside law enforcement agencies also can turn up greater numbers than companies’ internal investigations.

Do you take any steps to protect yourself against data breaches? Let us know how below or on Facebook.

Get smarter with your money!

Want the best money-news and tips to help you make more and spend less? Then sign up for the free Money Talks Newsletter to receive daily updates of personal finance news and advice, delivered straight to your inbox. Sign up for our free newsletter today.