According to The Columbus Dispatch (6/11/16), Wendy’s suffered an original data breach from October 2015 through March 2016. That breach was thought to have affected 300 franchisee-owned Wendy’s restaurants in the United States and Canada (company-owned stores were not affected by the breach). But based on the number of fraud complaints linked to Wendy’s, experts say the breach could be much bigger than originally announced. In fact, some experts warn the breach could be bigger than the Home Depot or Target breaches, both of which affected more than 40 million people.
Meanwhile, a report from IBM (cited by CNBC; 6/15/16) suggests data breaches are costly for companies. The report notes the average cost of a data breach is now around $4 million, up 29 percent from the average in 2013. On a per-person basis, companies pay around $158 for every affected record, although some industries - such as health care - have a much higher per-person rate. Companies reportedly took around 201 days to identify a breach and 70 days to contain it.
READ MORE DATA BREACH LEGAL NEWS
Companies have also faced sanctions for allegedly failing to protect customer information. Recently, Morgan Stanley agreed to pay $1 million in fines to settle claims it did not protect customer records. The Wall Street Journal (6/8/16) notes Morgan Stanley found itself in trouble after a former employee took client information home with him and posted it online.
The Securities and Exchange Commission argued Morgan Stanley did not have proper policies and procedures to protect customer information. Morgan Stanley has not admitted or denied any wrongdoing.