mailing list archives
Re: "Hacker attacks won't hurt your company brand"
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Sat, 22 Jan 2011 17:30:48 +0000
Last I checked, TJX and Heartland were both still in business, and I don't think
any of their security teams ended up in jail or severely unemployed(*).
It's really hard to argue against those two data points.
Why would you want to argue for those data points in the first place? After the breach, TJXs stock immediately dumped
14% to its lowest value of the entire year. It took ~6 months for it to stabilize around pre-breach trading. I'm not
sure what actually qualifies for a "Nuff said" closer here, but I think stock quotes are a pretty good candidate over
But to be specific, that isn't what Sweeny said anyway. He said hacking effect on "brand identity" not "value." That
said, if he considers a 6 month stock recovery from a 14% drop a "little dip" then I'm envious of his portfolio (and is
actually a point worth making to establish his reference). How Shostack took that to mean that breaches don't have
business consequences and that a Day of Reckoning is coming for those who say it does is something I just can't see,
but I think it is safe to assume that his opinion is not based on owning TJX stock.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/