Every six months or so, we learn of another security breach in which a hackers compromise the IT security of a major consumer brand and steal consumer personal data. there's good news, however, for companies who do suffer a data breach: According to a new research report from RAND Corp, American consumers are forgiving of cyber-attacks that compromise their personal information. It seems that Americans like shopping more with their favorite brands than they dislike having their credit card and personal data compromised.
The report, entitled "Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information" (ah, the poetry!) reveals that, while over 25% of American adults received notification in the past year of a personal data breach, only 11% of those surveyed say they won't do business with the breached company again.
Other Key findings include (all findings quoted from the company press release):
- 26% of respondents, or an estimated 64 million U.S. adults, recalled a breach notification in the past 12 months
- 44% of those notified were already aware of the breach
- 62% of respondents accepted offers of free credit monitoring
- Only 11% of respondents stopped dealing with the affected company following a breach
- 32% of respondents reported no costs of the breach and any inconvenience it garnered
- Among those reporting some cost, the median cost was $500
- 77% of respondents were highly satisfied with the company's post-breach response
One quarter of US consumers personally experiencing a breach notification seems alarming on its face. Overall, however, the survey is good news for brands. The question is: why consumers aren't more upset by data breaches?
The report mentions the concept of "breach fatigue," in which consumers have heard about so many data breaches that they become inured to them. It may also simply be a matter of a baseline level of trust; it's pretty intuitive to think that no consumer brand intentionally leaves security flaws unresolved in their data systems (although some brands have been accused of exactly that), and the fear of harmful publicity from breaches usually finds affected brands scrambling to reassure their customers.
Finally, the swift responses from banks who quickly freeze accounts and refund fraudulent purchases leaves consumers feeling that their data, while often vulnerable, is for the most part in safe hands. In short: in the fight against hackers, we're all in it together.
The survey of 2,038 adults can be downloaded here.