Also, increasing their security team by 1 engineer would have cost them more than $1M (assuming a salary of $100K). So from a pure economic standpoint it makes more sense for them to keep paying fines in future breaches.
every year I see numbers going up in discussions here, with a recent claim that a netflix engineer cost was $430k (salary + overhead). sr engineers at netflix on glassdoor were touching $200k - the "cost" (wild-ass guess on part of the poster) seems a bit out of whack, and I was negatively exaggerating for effect.
But also I originally thought this was damages for a long-running practice - it wasn't. A 2013 data breach, from the article.
NC is getting a whopping $70k from this - likely many multiples of that eaten up in time/money and opportunity costs. I've seen a bit of "yay, there's precedent for paying a fine for this sort of thing" but this fine just put a price on this sort of activity. Data breach affecting someone in NC? You'll face a fine of $1.50 per account. :/
