The type of data lost in a breach is one of the largest factors in what it will cost you. If you only lose email addresses, it is probably not going to be as big of a payout as if you lose personally identifiable information (PII), sensitive customer data (like Social Security numbers), payment card information, private health information (PHI), etc. The more sensitive the record is, the more costly the breach will be. For example, if you lose payment card information, you may need to offer free credit monitoring to those affected. Or, if you’ve compromised customer health data, you may be subject to regulatory fines from governmental agencies.