• by April 29, 2011

Email services firm Epsilon will face up to $225 million in total costs as a result of its recent data breach, according to a report released Friday by CyberFactors, a cyber risk analytics and intelligence company. CyberFactors said it conservatively estimates the number of affected emails in the Epsilon breach at 60 million.

According to CyberFactors, the Epsilon breach may have affected 75 companies or 3% of Epsilon's customers, not 2% as previously reported.

The problem could eventually cost these companies as much as $412 million. Added to Epsilon's own costs of $225 million, the total cost of the breach comes to $637 million.

Add in forensic audits and monitoring, fines, litigation and lost business for providers and customers, and that figure could eventually run as high as $3 billion to $4 billion, according to CyberFactors. That's because the compromised email addresses could be used by hackers and phishers to gain access to sites that contain consumers' personal information.

Regina Clark, research and analytics director, CyberFactors, stated: "With the cost of technology failures rising at an accelerated rate, the Epsilon event suggests a much more profound financial risk environment is now upon us. Cloud companies would be wise to think more like banks, insurance companies and hedge funds, and not just aggregators of the world's precious data and technology dependencies."