Canada’s data breach costs are the second highest in the world
cost of canada data breaches

Canada’s data breach costs are the second highest in the world

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

According to Canadian lawyers who specialises in cybersecurity and data protection law, very few Canadian organisations are properly prepared to handle data breaches.

This is substantiated by the fact that the average data breach cost in Canada is the second highest in the world, according to the 2017 IBM and Ponemon Institute report. This consensus of how bad things may be is generally shared by many Canadian lawyers as well, with even the most basic protection models not in place for minimising data breaches.

Bradley Freedman, Vancouver-based law firm partner, said:

“…many Canadian organisations haven’t done some of the basic things that regulatory guidance and best practices suggest to minimise risk of a data breach.”

It seems that in many cases organisations are either not implementing data protection measures at all, or they’ve severely curtailed their desire for protection. Mr Freedman went on to say: “in my view it’s short-sighted and misguided” in terms of how organisations may choose to put resources into other parts of the business as opposed to data protection.


Risk Based Security, a cybersecurity firm, released data that showed Canada to be the third country in the world to have the greatest number of data breaches so far this year. Just falling behind the U.S. and U.K., Canada have reported 59 data breaches so far.

By comparison with other global influencers, China have only reported 22 data breaches, and there were only 19 publicly reported data breaches in Russia.

Of course, this report may not be the best indicator of whether Canada are within the top three countries that have the most data breaches, but it does say a lot as Canada’s data breach reporting apparently isn’t mandatory.

Mandatory data breach reporting will come into effect later this year when Ottawa enforces a rule (Protection of Personal Information and Electronic Documents Act (PIPEDA)) for organisations that come under ‘federal jurisdiction’ to do so. This refers to organisations that are overseen by the government.

Even though there isn’t mandatory data breach reporting in Canada, a failure to notify relevant regulators and organisations may lead to an investigation to find out if the organisation failed to undertake its responsibility to keep personal data safe. Therefore, many Canadian organisations may wish to consider reporting a data breach even if it’s not specifically required by law.


According to the IBM and the Ponemon Institute study, an average data breach costs Canadian companies $5.78 million (£4.44 million). Canada’s average data breach cost was reported to be the second highest in the world, and the cost was above the world average of $3.62 million (£2.78 million).

The study found that Canadian organisations who managed to contain a breach in less than 30 days were able to save $1.79 million (£1.38 million) in costs when compared to organisations who take longer than a month to deal with a breach.

So, the takeaway message here seems to be that those organisations who are proactive in their data breach protection and response approach can drastically reduce their costs.

As many experts say, the view should be ‘when’ data breaches happen, and not ‘if’.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon