The Consumer Elephant

Posted July 1, 2015

Survey Explodes 5 Data-Breach Myths. Shows Retailers Should Realize Consumers Care about Breaches and Have Long Memories

Data breaches have become so ubiquitous that news of them is just more white noise to consumers, right? WRONG. Very, very wrong according to a survey of 1,060 U.S. consumers conducted by

Like elephants, it would seem when it comes to the topic of data breaches, consumers never forget. In his story, Brett Conradt explores and explodes five myths about data breaches that, if believed, could prove expensive to retailers, bankers, and investors to name a few.

Myth 1: Most consumers don’t know or care about data breaches

Retailers may be shocked to learn that nearly 70 percent of the consumers we surveyed could correctly identify companies that had been breached. And they care. When asked how reports of data breaches have impacted their shopping habits, 15 percent of respondents said they generally stopped shopping at breached retailers and 23 percent generally stopped using breached payment methods. Furthermore, our survey found that when a consumer has been a victim of a breach, his or her reactions are even more pronounced.

Myth 2: Data breaches don’t affect consumer spending

With 15 percent of consumers planning to stop shopping at affected retailers, revenue will take a hit. Even more dramatic, among those whose personal data was breached, more than a quarter say they would stop shopping at that retailer, and nearly a third would close their account. And it gets worse. Among consumers who would continue shopping there, almost 50 percent say they would change how they pay, with 60 percent of them planning to use more cash (in place of credit and debit). Increased use of cash matters because market data shows that those who pay with cash have average ticket sizes that can be 10 to 20 percent lower.

Myth 3: If a retailer experiences a breach, only the retailer is impacted

The impact of a data breach stretches into the payments space. Nearly half of the consumers surveyed strongly believe that a breach is the bank’s fault as well a retailer’s. Furthermore, 43 percent say they have closed, frozen or stopped using a particular payment account after hearing about a data breach. These responses indicate that a data breach impacts the revenues, profits and reputation of the entire transaction-processing system.

Myth 4: If there is any consumer reaction to a data breach, it is short lived

The prevailing view is that once the storm passes, business will quickly return to normal. Indeed, stocks often take a short-term hit upon the news, but eventually rebound to pre-breach levels. However, our survey results suggest that consumers have longer memories than investors. Although Target was breached in late 2013, this breach is still in the minds of many Target customers who indicated to us in late 2014 that it would affect their spending plans during the holiday season—nearly a full year after the breach was reported.

Myth 5: Little needs to be done to bring customers back after a data breach

Many affected retail companies and financial institutions have made little effort to win back business. They seem to believe that consumer behavior will not change. However, these executives may not truly understand what portion of their customer base they have alienated.

LexisNexis Risk Solutions | ThreatMetrix

LexisNexis Risk Solutions | ThreatMetrix

close btn