Story image

Gemalto survey: Data breaches may cause customer exodus

04 Dec 17

Organisations that experience a data breach may lose more than half of their customers after the incident, according to a recent Customer Loyalty 2017 Report from Gemalto.

The company conducted a global study of 10,500 consumers from countries including Australia.

53% of Australians say they would probably move to another bank if it suffered an online data breach; while 58% would stop shopping with a retailer affected by a breach.

Globally, only 27% of consumers believe that businesses take customer data security very seriously - however the consumers themselves are partly to blame.

62% believe businesses are responsible for customer data security, but only 41% take advantage of additional security measures they could use, such as two-factor authentication.

“Consumers are evidently happy to relinquish the responsibility of protecting their data to a business, but are expecting it to be kept secure without any effort on their part,” comments Gemalto’s CTO of Identity and Data Protection, Jason Hart.

81% of Australians would like organisations to have greater security online; however 60% are confident in areas such as online and mobile banking. This is higher than the global average of 53%.

According to Gemalto, the global study found that 56% of consumers use the same password for multiple online accounts – a tell that consumers are not playing their part as much as they need to.

“It’s astonishing that consumers are now putting their own data at risk, by failing to use these measures, despite growing concerns around their security,” Hart comments.

“It’s resulting in an alarming amount of breaches – 80% – being caused by weak or previously stolen credentials. Something has to change soon on both the business and consumer sides or this is only going to get worse.”

Businesses are being forced to take additional steps to protect their consumers, enforce them and educate them on the benefits of using the new safety measures.

“In the face of upcoming data regulations such as GDPR, it’s now up to businesses to ensure they are forcing security protocols on their customers to keep data secure. It’s no longer enough to offer these solutions as an option. These protocols must be mandatory from the start – otherwise businesses will face not only financial consequences, but also potentially legal action from consumers,” Hart notes.

62% of Australian consumers are worries that their personal online information will be stolen in the future, slightly lower than the global average of 67%.

93% say they would either take or consider taking legal action against the business in the event of a breach.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.