SMile Direct

SmileDirect Reveals the Outrageous Cost of Getting Hacked

The cost of doing business is high. But, as SmileDirect just learned, that cost rises exponentially if you’ve been hacked.

After announcing that it was dealing with a cybersecurity incident yesterday, the stock price of SmileDirectClub Inc (SDC) took a massive hit. And that’s just one of the many high costs that small, mid-size, and large businesses pay when cybercriminals attack them.

SmileDirect Is Hacked, Loses Millions Overnight

Nearly a month after it was hacked, SmileDirect let the world know. And the world was not very understanding.

SmileDirect released a statement revealing that on April 14th, it was hit with a cyberattack that caused a systems outage. It’s an outage that the company is still dealing with.

It said it doesn’t believe it lost any data and that team or customer information appeared safe. The hackers did, however, appear to hamper the company’s entire manufacturing process.

That statement revealed that the incident:

has caused, and may continue to cause, delays and disruptions to parts of the company’s business, including treatment planning, manufacturing operations, and product delivery.

And the stock market quickly took note. The price of SDC dropped 7% in after-hours trading, and it’s currently down 19% from yesterday.

SDC takes a serious nosedive. | Source: Yahoo Finance

In less than 24 hours, the company lost hundreds of millions of dollars of its market capitalization. That can hopefully be regained over time. But there are many other unrecoverable costs of getting hacked.

SmileDirect said it expects to see a $10 million to $15 million dent in revenue due to the systems outage from this attack.

This appears to be a ransomware attack, but SmileDirect said it hadn’t paid any ransom. That is usually the correct choice, as hackers often charge a second ransom once they find out the victim will pay.

SDC’s Loss Is Relatively Small Compared to Most Small Businesses

Many small business owners might think SmileDirect was only targeted because it’s a large company (according to Bloomberg, SDC’s market cap is over $3.32 billion).

Hackers, however, have been increasingly setting their sights on small businesses. According to CNBC, they’re targeting small businesses 43% of the time. The main reason is that small businesses assume they won’t be targeted. Only 14% of small businesses are prepared to defend themselves against a cyber attack.

But in reality, the effects of a security breach are usually far more devasting for smaller businesses. SmileDirect will likely recover over time. The same can’t be said for the majority of small businesses that get hacked.

According to the National Cyber Security Alliance, 60% of companies go out of business after a breach.

IBM and the Ponemon Institute’s 2020 Cost of Data Breach Report stated that the average data breach cost $3.86 million in 2020.

Check out this video detailing the costs of a cyber attack:

Those costs include business stoppages like the one we saw with SmileDirect. But they also include the daunting price of forensic audits from cybersecurity experts, fines from data leaks, and the hidden yet immeasurable costs of reputation damage.

Every business should have a plan in place for a cybersecurity breach.

Featured image from Karol Ciesluk of