Here’s how consumers respond to a retailer data breach
A new survey reveals customers have a strong negative reaction when a retailer they frequent experiences a cyberattack.
According to "Security Matters: Consumer Views On Cybersecurity in Retail & Finance 2024,” a survey of more than 1,000 U.S. consumers from threat intelligence solution provider Cyberint, more than 60% of respondents are likely to stop shopping with a retailer following a data breach.
This figure rises to three-quarters (74%) of higher-income respondents who said they would stop shopping with a retailer post-data breach. And if a retail cyberattack occurs, more than six-in-10 (62%) respondents said that direct email notification is their preferred communication channel to receive a data breach notification.
In addition, more than three-in-four (76%) respondents believe retailers should compensate customers in the event of a data breach.
The survey also shows consumers are largely willing to exchange some convenience for greater protection of their data. Eight-in-10 (81%) respondents said they would be open to using additional security measures when provided by a retailer, with Cyberint analysis indicating retailers’ offering these measures is the most important factor for adoption.
Respondents are even more likely to abandon a finance app (82%) if their their personal information is leaked. Roughly two-thirds of respondents said two-factor authentication (68%) and strong encryption of data (65%) are crucial elements in choosing finance apps.
"The survey highlights the critical role cybersecurity plays in shaping consumer trust and behavior in the retail and finance sectors," Cyberint said in a press release. "Businesses are urged to prioritize investments in advanced security systems, transparent communication, and measures to rebuild consumer trust in the aftermath of data breaches."
IBM: Identity-related cyberattacks spiked in 2023
Consumers having their personal information compromised in data breaches is a real issue, as evidenced by IBM’s annual X-Force Threat Intelligence Survey of over 150 billion security events. The survey revealed retail was the fifth-most targeted industry last year, accounting for 10.7% of all cyberattacks among the top 10 industries, up from 8.7% in 2022.
X-Force saw attackers increasingly invest in operations to obtain users' identities – with a 266% uptick in info-stealing malware, designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more. Overall, there was a 71% spike in cyberattacks caused by exploiting identity in 2023.