The severe financial implications of a data breach were highlighted this week after payment processing firm Heartland Payment Systems revealed that it has reached a settlement with American Express of $3.6m (£2.2m).
Heartland, the fifth largest payment processor in the US, suffered a major data breach in 2008, which it disclosed in January of this year, after hackers infiltrated its network.
The firm has already set aside a fund of over $12m (£7.45m) to compensate credit card companies, but the $3.6m settlement with American Express is the first specific agreement named.
"We are pleased to have reached an equitable settlement with American Express," said Bob Carr, Heartland's chairman and chief executive. "This settlement marks the first agreement with a card brand related to the intrusion."
The news will serve as another timely reminder to companies that fail to take data security and compliance with the Payment Card Industry (PCI) Data Security Standard seriously.
The legal costs and fines, as well as the cost of being recertified as PCI compliant, are easily quantifiable, but the damage to a firm's brand and reputation is likely to be more significant.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws