Privacy and information management research firm the Ponemon Institute says the average total cost to UK companies of a single data breach incident is more than £1.4m.
Ponemon's 2007 Annual Study: UK Cost of a Data Breach report says the financial impact of lost business due to reduced consumer trust is the most significant component of data breach costs.
This first annual UK study was sponsored by PGP Corporation and Symantec. The report focuses on the cost of activities resulting from actual data-loss incidents, as well as identifying the most frequent causes and likely technology responses to a data breach.
Breaches included in the survey ranged from 2,500 records to more than 125,000 records, from 21 UK businesses spanning eight different industry sectors.
The average total cost of a data breach ranged from £84,000 to almost £3.8 million, with an average of £47 per record compromised.
Of the reported costs, 36% were due to lost business, with an abnormal customer churn rate of 2.5% after a breach.
The cost of a data breach for financial services organisations was more than 17% higher than average, at £55 per record compromised.
The survey found that 38% of respondents reported breaches by third-party organisations, such as outsourcers, consultants and business partners, at a significantly higher cost per record compromised.
And 36% of data breaches resulted from lost and stolen laptops or other mobile devices.
Survey respondents identified encryption and data loss prevention solutions as the top two technology responses following a data breach.
Larry Ponemon, chairman of the Ponemon Institute, said, "Businesses and government in the UK are just now coming to realise the impact a data breach can have on an organisation and its customers, similar to developments in the US five years ago when data breaches first became headline news."