ExtraHop reveals 73% drop in net income a year after data breach

A recent study by ExtraHop, a provider of cloud-native network detection and response (NDR) solutions, revealed that companies that suffered data breaches experienced an average of 73% reduction in net income within a year.

The ExtraHop report also showed that nearly all analyzed organizations reported a dip in their quarterly earnings and stock prices after a data breach occurred.

“When a data breach hits, real people lose real money — it goes way past the upfront costs that accompany stolen records and the number of people affected,” said Patrick Dennis, CEO, ExtraHop. “Both investors and customers lose faith in the business, which has a ripple effect on the organization for years to come.”

ExtraHop appoints new distributors in PH, Indonesia for Asean expansion
CrowdStrike reveals spike in identity-based attacks

ExtraHop looked at the costs tied to data breaches in six entities, computing the total of penalties from regulations, legal settlements, and cyber insurance, in addition to the enduring repercussions on corporate earnings and stock values.

$1 billion in reported costs

ExtraHop pointed out that most reports regarding data breaches concentrate on the number of affected individuals or the volume and importance of the compromised data. Often disregarded are the enduring outcomes, such as earnings performance or insurance premiums.

In one of the companies it analyzed, ExtraHop identified a nearly 21% stock price plummet the day after the breach disclosure. The company’s net income contracted by 27% compared to the previous year during the quarter.

“These losses are in addition to over $1 billion in reported costs, including regulatory fines, legal fees, and multiple settlements with consumers, businesses and individual states,” ExtraHop said. 

“It is important that corporate leaders take a hard look at their budget and make the cybersecurity investments they need to more effectively manage risk,” said Dennis.

In today’s security landscape, organizations require comprehensive visibility into their networks to monitor potential intruder activities and preempt security threats before they escalate into operational issues. With complete network transparency, organizations can unveil attackers’ strategies, and respond with enhanced speed, accuracy, and frequency to halt their actions.