To be honest it is in my opinion that $17 million is relatively low for a breach of this magnitude. When its all said and done (legal fees, lawsuits, regulatory fines, loss of customer business, credit card monitoring payments, investigation, IT security costs, etc...) I would venture to say that total costs will be well over the $50 million mark. This is an unfortunate event that I hope sparks other companies to do a better job at pro-actively protecting customer's personal information. ID theft is something I would never want to go through, but fully expect to deal with at some point because of incidents such as this.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/505/1955#1955