A Ponemon Study sponsored by Experian® explores consumers’ sentiments about data breaches. The goal was to learn the affect data breaches had on consumers’ privacy and data security concerns. A similar study was conducted in 2012 and reveals some interesting trends in consumers’ perceptions.

The study asked consumers who were victims of a data breach questions about their experience. It may not come as a surprise that individuals who have had their personal information lost or stolen increased 100% since the 2012 study when only 25% of individuals surveyed were victims of a data breach.

For purposes of the research, they define a data breach as

the loss or theft of information that can be used to uniquely identify, contact or locate you. This includes, but is not limited to, such information as Social Security number, IP address, driver’s license number, credit card numbers and medical records

797 individuals were surveyed and approximately 400 of these respondents say they were the victims of a data breach. By far, the primary consequence of a data breach is suffering from stress (76% of respondents) followed by having to spend time resolving problems caused by the data breach (39% of respondents).

The most significant findings of the research:-

What companies should do following a data breach

  • 63% of consumers continue to believe that organizations should be obligated to provide identity theft protection
  • 58% believe credit monitoring services should be offered
  • 67% believe compensation such as cash, products or services should be offered

–       These findings are similar to the findings in the 2012 study.

Credit card companies and retail stores sent the most notifications

  • 62% of respondents say they received two data breach notifications involving separate incidents. These notifications can be in the form of a letter, telephone call, email or public notice.

Becoming a victim of a data breach increases fears about becoming an identity theft victim.

  • Prior to having their personal information lost or stolen, 24% say they were extremely or very concerned about becoming a victim of identity theft.
  • Following the data breach, this concern increased significantly to 45%.
  • 48% of respondents say their identity is at risk for years or forever.

How important is media coverage of data breaches?

  • The majority of respondents believe it is important for the media to report details about data breaches. Mainly because it requires companies to be more responsive to victims followed by the creation of greater awareness about how the data breach could affect individuals and alerts potential victims to take action to protect their personal information from identity theft.

Other findings:-

  • 25% of data breach notifications offered identity theft protection such as credit monitoring or fraud resolution services. This is a slight decrease from 2012 when 29% of respondents received such an offer
  • 67% of those receiving a notification wanted the organisation to “Explain the risks or harms that I will experience”
  • 32% said “I ignored the notification(s) and did nothing”
  • 78% were most worried about their Social Security number followed by Password/PIN at 71% and Credit card or bank payment information with 65%
  • 81% of respondents who were victims of a data breach did not have any out of pocket costs. If they did, it averaged about $38
  • 34% say they were able to resolve the consequences of the breach in one day
  • 55% say they have done nothing to protect themselves and their family from identity theft

The full report can be found here.

Advertisements