Data breaches that affect SMBs and large corporations are growing at a brisk pace; unfortunately, these incidences can have a negative impact on a website’s SEO efforts. SEO is search engine optimization. The data breach increase rate is according to the 2015 Second Annual Data Breach Industry Forecast published by Experian, a credit-reporting agency that also helps businesses mitigate consumer risk after data breach incidences. Below is more information on how website SEO is affected.
What is SEO and why is it Important?
Simply put, search engine optimization refers to the activities that webmasters undertake to improve the search engine ranking of their sites organically. SEO is particularly important because Google and other search engines display search results and links to site pages depending on the scores returned by ranking algorithms. These algorithms evaluate and rank sites based on factors such as, subject relevance, site authority, keywords, as well as, the quality of inbound and outbound links. In turn, sites that rank high on search results receive more traffic compared to sites with lower search results rank. More traffic translates to more brand reach, market share, and more revenue, since site owners can easily sell ad space to businesses.
The Impact of Hacking on SEO
Successful hacking attacks can affect a site owner’s SEO efforts in the following ways:
1. Brand Reputation
Sites that are successfully hacked by cybercriminals often experience a significant dip in brand reputation afterwards. This is especially true when hackers manage to steal consumer data such as, Social Security numbers, login details- including usernames and passwords, date of birth/age, credit card details, and other personal details. For instance, the 2015 Ashley Madison site hack resulted in the exposure of more than 30 million account details including usernames, first names, last names, credit card numbers, street names, PayPal accounts, and phone numbers related to the site’s members.
The ensuing brouhaha caused Ashley Madison’s founder and CEO, Noel Biderman, to resign from his position. Moreover, Biderman had to suspend indefinitely his plans to take Ashley Madison’s parent company, Avid Life Media (ALM), public and sell its shares to investors. Ashley Madison’s reputation was further damaged by media reports of cybercriminals blackmailing and extorting money from the affected consumers after the hackers involved dumped more than 30 gigabytes of confidential consumer data online. It is safe to assume that ALM and Ashley Madison brands are unlikely to recover from this data breach any time soon.
It is also worth noting that businesses that operate in highly regulated sectors such as, healthcare, finance, and insurance, are subject to regulatory penalties in the event they lose confidential consumer data to hackers. Data from the Fourth Annual Benchmark Study on Patient Privacy & Data, published by the Ponemon Institute, shows that the cost of data breaches in the healthcare sector alone could be as high as $5.6 billion per year. As such, businesses in the aforementioned sectors must comply with regulations such as HIPAA- that are applicable nationwide, as well as standards and laws applicable at the state level. In fact, the 2015 Second Annual Data Breach Industry Forecast states that businesses face a patchwork of data breach laws since 47 states, including the District of Columbia and Puerto Rico, have state-specific regulatory frameworks. The inability of a web-based business to comply with these regulatory requirements would also dent consumer confidence, leading to bad brand reputation.
2. Loss of Traffic
Web users are unlikely to trust and visit a site that has been hacked by cybercriminals. Understandably, consumers will worry about exposing themselves to cybercriminals, becoming identity theft victims, or losing their hard-earned money. Loss of site traffic would translate to lower search results rank. As a result, a business would find it increasingly harder to generate revenues, reach large numbers of web users, and even acquire reputable inbound/outbound links. For startups that depend on angel investor funding, a dip in site SEO traffic numbers can be the end of a promising web-based venture, because most investors would not want to be associated with a business that is prone to cyber hacking.
3. Inability to Maintain Site
The operating expenses of companies that experience successful hacking attacks are likely to rise significantly. For instance, such companies are more likely to pay higher business insurance premiums. Figures from the Ponemon Institute show that the average financial cost of a single data breach incident is $3.5 million. Furthermore, the cost of each lost/stolen data record that contains confidential and sensitive information increased from $136 in 2013 to $145 in 2014 globally. For US-based businesses, this cost is substantially higher at $195. Rising financial costs, and falling revenue-generating capability, can negatively affect the SEO facet of a website in several ways. To start with, loss of revenue means a business may be unable to hire developers and programmers to maintain its website, and release updates for web-based applications/solutions. Moreover, the business may be unable to hire staff to prepare and publish blog posts, video content, and link site content to social media platforms such as Facebook and Twitter. All of these activities are essential in maintaining a high SEO rank.
4. Exposure to Bot-specific Penalties
One of the reasons cybercriminals hack sites is to use them for purposes of spreading and supporting bot-generated traffic. In turn, this traffic is used to spam web users with offers to purchase items such as illegal drugs, sex enhancers, and dubious supplements. To curb this practice, search engines usually demote sites that engage in spamming or generating bot traffic to lowly search results ranks. For instance, Google’s Hummingbird search engine update heavily penalized sites that gained high search results ranking by engaging in “bad SEO” tactics such as, spamming, link-farming, and targeted “spamdexing.” Sadly, the owners of sites commandeered by hackers for these purposes, may be unaware of the nefarious activities associated with their sites. To avoid becoming an unwitting bot-traffic victim, invest in robust site security solutions such as cross-site scripting vulnerability scanning, code obfuscation, and data encryption.
Webmasters should take measures to protect their websites from black hat hackers. This is vital to avoid negative SEO consequences such as, loss of traffic, sullying of brand reputation, exposure to bot-specific penalties, and huge financial losses.