How Much Did The Target, Home Depot Breaches Really Cost?

2014 was the year of breaches for Target and Home Depot.

Target’s breach costs, of course, were the result of a spillover from the attack that hit during the company’s 2013 fourth quarter. And the year of breaches only got worse when Home Depot got hit in September. Now, both companies have provided full-picture outlooks of just how much the breaches impacted the retailers as they reported on their Q4 earnings this week.

Home Depot reported Tuesday (Feb. 24) and reported that the net expenses of the data breach cost the company roughly $33 million. Home Depot CFO Carol Tomé shared briefly in the call with analysts about how the breach costs break down.

“In the fourth quarter, our gross data breach expenses were approximately $20 million. After estimating our insurance recovery, we recorded approximately $5 million of net data breach related expenses in the quarter. For the year, our gross data breach expenses were approximately $63 million, and after expected insurance recovery our net data breach expenses were approximately $33 million,” she said, later noting that the 2015 guidance for the company did not include any “expenses that we may incur in the future for data breach-related claims.”

As for Target, the company reported yesterday (Feb. 25) that the total breach expenses incurred from its massive data breach amounted to $162 million (2013 and 2014 figures combined). For Target’s fourth quarter, it incurred $4 million worth of breach-related expenses. Full-year net breach expenses were $145 million ($191 million offset by $46 million insurance receivable). As for fourth quarter in 2013, Target’s breach expenses hit $17 million ($61 million offset by $44 million insurance receivable).

“A year ago, we were in the recovery mode, working to repair guest relationships following the data breach while we undertook an assessment of the long-term prospects for our Canadian business,” Target CEO Brian Cornell said in the call with analysts. “Fast forward to today and we’ve ended the year with the data breached fully behind us and that we’ve made tough decision to execute the Canadian business.”