For your consideration:
- 100,000,000 account records
- 3% fraud, guessing conservatively
- $500/incident of fraud
(100,000,000 x 0.03) x $500 = $1,500,000,000 -->$1.5Bn
So, guessing conservatively* this is potentially a $1.5Bn security incident... why is no one focusing on this?
*In case you wonder where I'm getting my numbers, I'm using statistics I've picked up from the 3 years I worked in IT Security & Risk for one of the largest card private-brand issuers on the planet... and although they are >1yr old, I suspect these statistics will hold true. If someone out there has a better guess, more accurate that is, please correct me.