Data breaches carry heavy cost

06.02.2009
Firms are paying a hefty price for data breaches, with each customer record lost in the UK being worth an average of £60 (US$87), according to a new study from company privacy research firm Ponemon Institute.

The 2008 Annual Study: UK Cost of a Data Breach found that the average cost of an incident is now £1.7m, compared to £1.4m in 2007, when factors such as lost business, PR damage, customer notification and other remedial work are taken into account. The £60 simulated cost is up from £47 in 2007.

The poll covered a wide span of incidents, from breaches of 4,100 to over 92,000 records and from an estimated cost of £160,000 to £4.8m.

Jamie Cowper, European marketing director at encryption software specialist PGP, which sponsored the report, said more than half the cost came from "abnormal customer churn" -- in other words, customers changing supplier as a result of data breaches.

Other notable trends include the finding that 70 per cent of cases involved negligent behavior on the part of company insiders while just 30 per cent were the result of malicious behavior. A third of cases were caused by errors from third parties such as outsourcers. Remedial activity was led by use of encryption, identity and access management software, as well as training and awareness programmes.

In the US, laws have long called for firms to publicly report breaches, awareness is higher, and there are greater numbers of people who stand to be affected.