What a data breach would actually cost you

Free, source-cited calculators that put a real number on the cost and economic risk of a data breach — built for small and mid-sized businesses. Expected cost, cost per record, regulatory exposure, annual loss expectancy, and whether your security spend pays off. Every figure is dated and linked to its primary source.

$2.72Mexpected cost*

range

$1.63M–$4.63Moptimistic → pessimistic

→

$109per record

*Example: a ~50-employee healthcare provider holding 25,000 patient (PHI) records. Run your own numbers →

Open the Breach Cost Estimator

Pick a calculator

Breach cost Estimate the expected cost of a breach Compliance cost Regulatory penalty & notification exposure Breach risk Put a dollar figure on breach risk Mitigation ROI Does your security spend pay off? Data Dated, sourced benchmark dataset

Start with the central Data Breach Cost Estimator, or jump to compliance penalties, risk quantification, or the ROI of your controls.

Why another data breach cost calculator?

Most are lead-generation widgets: gated behind a form, not indexable, with undated and unsourced numbers, no published method, and no named author. BreachCostLab is built the opposite way:

Real numbers, server-rendered. Every tool ships a worked default — no blank boxes, no "request a quote", no email wall.
Dated, sourced benchmarks. Every coefficient is traced to a primary source — IBM/Ponemon Cost of a Data Breach, Verizon DBIR, the statutes themselves — and the key figures are inputs you can override.
Transparent math. The full model is published on the methodology page and verified against worked examples.
Shareable scenarios. Copy a link that reproduces your exact inputs to send to a colleague or your board.

Note. These are planning estimates based on published benchmarks — not a prediction of any specific incident, and not legal, financial, insurance or compliance advice.