With cybersecurity incidents and breaches, there's a place where the victim can be victimized twice. You have the threat actors that steal the money, and then you have the ensuing civil and criminal cases that take place afterwards. Sometimes, depending on the company, they are then taxed more, or they spend more time on it.
From our perspective, we work with a body comprised of our lawyers, the acquiring company's lawyers and the merchants that are involved in the issuing. We work out a reasonable compensation between all of the impacted organizations. That's for payment card breaches. It may differ depending on other breaches that take place.