In the case of Blackbaud $49.5million.
This is the settlement agreed by the international software company for ransomware data breach, which exposed a raft of its clients sensitive and personal data. This included unencrypted banking information and login credentials.
Blackbaud agrees to $49.5 million settlement for ransomware data breach (bleepingcomputer.com)
This figure does not include any financial loss incurred directly because of the attack and the subsequent loss of income because of clients leaving and difficulty in gaining new clients because of loss of reputation.
Your takeaway
You may not be a big enough organisation to incur this type of settlement after an attack, but the other losses incurred because of a ransomware attack are likely. You need a ransomware plan.
I will give you two quick piece of mitigation that you could implement right now:
- Encryption.
- Ransomware resilient back-up.
For other advice on ransomware have a look at these articles in my Ransomware Mini-Seies:
Clive Catton MSc (Cyber Security) – by-line and other articles