A single security breach costs between $400k and $1m - wow!
From John Leyden – Hacker Cuffed In Job Interview Sting With Hotel He Blackmailed:
A job-seeking Hungarian hacker has pleaded guilty to breaking into the systems of the Marriott hotel chain before attempting to blackmail his way into an IT job.
Attila Nemeth, 26, sent Trojan-infected emails to Marriott employees late last year, according to his plea agreement, in a move that successfully allowed him to extract confidential and financially sensitive information from the hotel chain's network. He then apparently threatened to reveal this information unless he was given a job maintaining Marriott's systems.
Marriott reported the approach to the US Secret Service, which set up a sting operation. An agent posed as a Marriott human resources worker, entering into email and phone conversations with Nemeth, ostensibly about the possibility of a job.
Nemeth agreed to travel to the US in January, supposedly for a job interview, after accepting a plane ticket bought at Marriott's expense. According to his plea agreement, during the "interview", Nemeth was coaxed into revealing how he broke in Marriott's systems and the level of confidential access he'd obtained. He also admitted sending the malware-loaded emails. He was subsequently arrested and charged with computer hacking and threatening to expose confidential information offences, the Wall Street Journal reports.
The Marriott estimates spending between $400,000 and $1m in consultant fees and others costs dealing with the security breach and figuring out what damage Nemeth might have caused.