Yup, data breaches do really affect customer loyalty

In 2015, there were plenty of big, headline-making data breaches with Sony and Ashley Madison two of the biggest names hit. And as it turns out, those breaches can do a lot more harm than a couple of weeks of negative media coverage.

According to a new global survey by digital security company Gemalto, nearly two-thirds (64%) of consumers surveyed worldwide say they are unlikely to shop or do business again with a company that had experienced a breach where financial information was stolen, and almost half (49%) had the same opinion when it came to data breaches where personal information was stolen.

Read more: 5 big security predictions for 2016

That’s hardly surprising given that a fair proportion of those surveyed have been burned before. The survey revealed that 31% of respondents have already been affected by data breach in the past. Around four in ten state the most likely causes for being a victim of a breach are visiting a fraudulent website (42%), phishing attacks (40%) or clicking a fraudulent web link (37%).

Growing fear

According to Gemalto, the emotional impact of data breaches has also created apprehensive feelings towards businesses with nearly one fifth surveyed (19%) feeling they are likely to be a victim of one within twelve months to three years.

Small wonder then that only a quarter (25%) of all respondents feel that companies take the protection and security of customer data very seriously. More than twice as many respondents feel that the responsibility of protecting and securing customer data falls on the company (69%) versus the customer (31%). Of the employed respondents, only around two fifths (38%) feel that their employer takes the protection and security of employee data very seriously.

Read more: Eliminating security gaps: how well prepared are we?

Ninety percent of surveyed consumers feel that there are apps and websites that pose significant risks to the protection and security of their personal information. Fifty-five percent believe that social media sites expose them to the greatest risk, and around two in five respondents believe adult content and torrent apps/websites carry the greatest risk to the security of personal information.

As a result, people are also becoming increasingly impatient with companies that experience data breaches. Around a quarter (23%) of respondents who have been a victim of a data breach, either have, or would, consider taking legal action against the breached company involved in exposing their personal information. Almost half (49%) of respondents said they would take or would consider taking legal action against any of the parties involved in exposing their personal information.

Taking responsibility

As Gemalto notes however, the consumer is not completely absolved of responsibility. Despite the many risks involved, the survey also found that a majority (54%) of respondents are using the same password for all or some of their online accounts. Of the respondents who actively use social media accounts, only a quarter (25%) use two-factor authentication to secure all of their social media accounts. Of the respondents who actively use online/mobile banking, around three fifths (58%) say that all of their banks use two-factor authentication to secure their internet banking. This isn’t as widespread amongst retailers, however. Of the respondents who actively use online retail accounts, one in four (25%) state that all of the online retail apps/websites they use, require two-factor authentication to secure online transactions.

Read more: 5 massive security threats set to emerge in 2016

“The media coverage of massive data breaches has done little to instil consumers’ confidence in how well companies, big and small, are protecting their data,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. “The fact that employees don’t even feel that their employers are taking the protection of their personal data security very seriously rings alarm bells. Either companies need to increase their security measures or, assuming that they already have these in place, they need to communicate this to their customers.”

“As companies collect ever-increasing amounts of customer data and as our digital interactions become more diverse, more data about what we do, who we are and what we like is being stored online,” continued Hart. “The survey proves that the traditional data security mind-set needs to evolve, this goes for companies and consumer adoption of advanced security measures like two-factor authentication. Otherwise, an increasing numbers of consumers will cut ties with companies who aren’t taking data protection seriously, and take their business to someone they can trust.”