// DAMAGE_CALCULATOR.v2
How We Calculate
the Damage
Official figures — fines, settlements, write-downs — are the floor, not the ceiling. Every outage, breach, and collapse sends shockwaves through every company, customer, and market that depended on it. We estimate total societal cost.
01. The Formula
Government fines, class-action settlements, product write-downs, legal fees, and direct revenue lost during the incident window.
Every company that depended on the failed service lost revenue too. We multiply affected businesses by industry-standard downtime benchmarks — or apply per-record costs for breaches.
For public companies: stock price drop × shares outstanding within 30 days of the event. For crypto: total market cap evaporation in affected tokens.
Incident response, forensics, credit monitoring (~$20/affected person for breaches), regulatory compliance remediation, and estimated customer churn from reputational damage.
02. Downstream Business Benchmarks
When AWS goes down, every startup on AWS goes down with it. When a critical library has a zero-day, every company using it faces emergency response costs. We use these published benchmarks to estimate B:
Infrastructure Outage — Cost per Hour by Company Size
| Company Size | US $/hour | Global avg $/hour | Source |
|---|---|---|---|
| Enterprise (>1,000 employees) | ~$540,000 | ~$280,000 | Gartner, 2024 |
| Mid-size (100–999 employees) | ~$91,000 | ~$47,000 | ITIC Annual Survey |
| Small (<100 employees) | ~$8,600 | ~$4,500 | ITIC Annual Survey |
Data Breach — Cost per Compromised Record
| Region | Per record | Includes | Source |
|---|---|---|---|
| United States | $165 | Detection, notification, legal, productivity loss | IBM CODB Report 2024 |
| Global average | $105 | Detection, notification, legal, productivity loss | IBM CODB Report 2024 |
| EU (GDPR territory) | ~€120 | + GDPR fine component | ENISA / Ponemon 2023 |
For global outages we weight by each affected country's GDP share. Not every affected company is enterprise-scale, so we apply mid-size benchmarks as a conservative default unless the incident specifically targeted large enterprises.
03. Global Impact Map
Each bubble marks the headquarters of the company at the center of the failure. Bubble size scales with estimated total damage. Click any bubble to open the full incident report.
04. Incident Explorer
| Incident | Year ↓ | Category | Est. Damage | Affected Users | Country |
|---|
05. Caveats & Notes
- All figures are estimates and represent lower bounds, not audited totals.
- Direct costs (fines, settlements) are cited from public court filings, regulatory orders, and company disclosures.
- Downstream costs use published industry benchmarks as proxies — actual impact varies by customer mix.
- Where reliable data is unavailable, we use
nullrather than speculating. - Bubble coordinates mark company HQ at time of incident — not necessarily where the failure originated.
- Sources: Gartner 2024, ITIC Annual Reliability Survey, IBM Cost of Data Breach Report 2024.